CVE Vulnerabilities

CVE-2006-1094

Published: Mar 09, 2006 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

SQL injection vulnerability in Datenbank MOD 2.7 and earlier for Woltlab Burning Board allows remote attackers to execute arbitrary SQL commands via the fileid parameter to (1) info_db.php or (2) database.php.

Affected Software

Name Vendor Start Version End Version
Burning_board Woltlab 2.4 2.4
Burning_board Woltlab 2.7 2.7
Burning_board Woltlab 1.1.1 1.1.1
Burning_board Woltlab 2.0_beta_4 2.0_beta_4
Burning_board Woltlab 2.2.2 2.2.2
Burning_board Woltlab 2.3.3 2.3.3
Burning_board Woltlab 2.3.1 2.3.1
Datenbank_module Datenbank_module * 2.7
Burning_board Woltlab 2.0_beta_3 2.0_beta_3
Burning_board Woltlab 2.5 2.5
Burning_board Woltlab 2.6 2.6
Burning_board Woltlab 2.0_rc1 2.0_rc1
Burning_board Woltlab 2.0_beta_5 2.0_beta_5
Burning_board Woltlab 2.0_rc2 2.0_rc2

References