Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
woltlab burning board vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2007-1443
Multiple cross-site scripting (XSS) vulnerabilities in register.php in Woltlab Burning Board (wBB) 2.3.6 and Burning Board Lite 1.0.2pl3e allow remote malicious users to inject arbitrary web script or HTML via the (1) r_username, (2) r_email, (3) r_password, (4) r_confirmpassword...
Woltlab Burning Board 2.3.6
Woltlab Burning Board Lite 1.0.2 Pl3e
7.5
CVSSv2
CVE-2007-6518
Multiple SQL injection vulnerabilities in search.php in WoltLab Burning Board (wBB) Lite 1.0.2 pl3e allow remote malicious users to execute arbitrary SQL commands via the (1) showposts, (2) sortby, and (3) sortorder parameters.
Woltlab Burning Board Lite 1.0.2 Pl3e
Woltlab Burning Board Lite 1.0.2
1 EDB exploit
7.5
CVSSv2
CVE-2007-0388
SQL injection vulnerability in search.php in Woltlab Burning Board (wBB) 1.0.2 and previous versions, and 2.3.6 and previous versions in the 2.x series, allows remote malicious users to execute arbitrary SQL commands via the boardids[1] and other boardids[] parameters.
Woltlab Burning Board
3 EDB exploits
6.8
CVSSv2
CVE-2006-1324
Cross-site scripting (XSS) vulnerability in acp/lib/class_db_mysql.php in Woltlab Burning Board (wBB) 2.3.4 allows remote malicious users to inject arbitrary web script or HTML via the errormsg parameter when a SQL error is generated.
Woltlab Burning Board
1 EDB exploit
4.3
CVSSv2
CVE-2005-1327
Cross-site scripting (XSS) vulnerability in pms.php for Woltlab Burning Board 2.3.1 PL2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the folderid parameter.
Woltlab Burning Board
6.8
CVSSv2
CVE-2005-1285
Cross-site scripting (XSS) vulnerability in thread.php in WoltLab Burning Board 2.3.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the hilight parameter.
Woltlab Burning Board
1 EDB exploit
4.3
CVSSv2
CVE-2006-1215
Cross-site scripting (XSS) vulnerability in misc.php in Woltlab Burning Board (wBB) 2.3.4 allows remote malicious users to inject arbitrary web script or HTML via the percent parameter. NOTE: this issue has been disputed in a followup post, although the original disclosure might ...
Woltlab Burning Board 2.3.4
1 EDB exploit
6.8
CVSSv2
CVE-2008-7192
Cross-site request forgery (CSRF) vulnerability in index.php in WoltLab Burning Board (wBB) 3.0.1, and possibly other 3.x versions, allows remote malicious users to hijack the authentication of users for requests that delete private messages via the pmID parameter in a delete act...
Woltlab Burning Board 3.0.1
7.5
CVSSv2
CVE-2002-0903
register.php for WoltLab Burning Board (wbboard) 1.1.1 uses a small number of random values for the "code" parameter that is provided to action.php to approve a new registration, along with predictable new user ID's, which allows remote malicious users to hijack ne...
Woltlab Burning Board 1.1.1
7.5
CVSSv2
CVE-2005-1642
SQL injection vulnerability in the verify_email function in Woltlab Burning Board 2.x and previous versions allows remote malicious users to execute arbitrary SQL commands via the $email variable.
Woltlab Burning Board 2.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »