CVE Vulnerabilities

CVE-2007-0388

Published: Jan 19, 2007 | Modified: Oct 19, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

SQL injection vulnerability in search.php in Woltlab Burning Board (wBB) 1.0.2 and earlier, and 2.3.6 and earlier in the 2.x series, allows remote attackers to execute arbitrary SQL commands via the boardids[1] and other boardids[] parameters.

Affected Software

Name Vendor Start Version End Version
Burning_board Woltlab * 1.0.2 (including)
Burning_board Woltlab * 2.3.6 (including)

References