Woltlab Burning Board SQL Injection Flaw Network Vulnerability

Summary

The remote web server contains a PHP script that is susceptible to SQL injection attacks. Description: The remote version of Burning Board includes an optional module, the Database module, that fails to properly sanitize the 'fileid' parameter of the 'info_db.php' script, which can be exploited to launch SQL injection attacks against the affected host.

Solution

Unknown at this time.

References

http://www.securityfocus.com/archive/1/426583/30/0/threaded

Updated on 2015-03-25

Severity

Classification

CVE CVE-2005-3369, CVE-2006-1094

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

artmedic_links5 File Inclusion Vulnerability
4psa Voipnow Local File Inclusion Vulnerability
Apache Struts ClassLoader Manipulation Vulnerabilities
Apache Tomcat AJP Protocol Security Bypass Vulnerability
AproxEngine Multiple Remote Input Validation Vulnerabilities

Woltlab Burning Board SQL injection flaw

Take action and discover your vulnerabilities