SQL injection vulnerability in board.php for WoltLab Burning Board (wBB) 2.0 RC 1 and earlier allows remote attackers to modify the database and possibly gain privileges via the boardid parameter.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Burning_board | Woltlab | * | 2.0_rc1 (including) |
| Burning_board | Woltlab | 2.0_beta_3 (including) | 2.0_beta_3 (including) |
| Burning_board | Woltlab | 2.0_beta_4 (including) | 2.0_beta_4 (including) |
| Burning_board | Woltlab | 2.0_beta_5 (including) | 2.0_beta_5 (including) |
References
- http://archives.neohapsis.com/archives/bugtraq/2002-09/0083.html
- http://www.iss.net/security_center/static/10069.php
- http://www.securityfocus.com/bid/5675
- http://archives.neohapsis.com/archives/bugtraq/2002-09/0083.html
- http://www.iss.net/security_center/static/10069.php
- http://www.securityfocus.com/bid/5675