Multiple SQL injection vulnerabilities in the Info-DB module (info_db.php) in Woltlab Burning Board 2.7 and previous versions allow remote malicious users to execute arbitrary SQL commands and possibly upload files via the (1) fileid and (2) subkatid parameters.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|