Published: 05/12/2006 Updated: 17/10/2018

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 685

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Woltlab Burning Board (wBB) Lite 1.0.2 does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote malicious users to execute arbitrary SQL commands via the wbb_userid parameter to the top-level URI. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in wBB Lite.

Vulnerable Product	Search on Vulmon	Subscribe to Product
woltlab burning board lite 1.0.2

<?php print_r(' -------------------------------------------------------------------------------- Woltlab Burning Board Lite 102 Zend_Hash_Del_Key_Or_Index / / blind sql injection exploit by rgod retrog@aliceit site: retrogodaltervistaorg dork: "Powered by Burning Board Lite 102 * 2001-2004" ----------------------------------------- ...

NVD-CWE-Other http://retrogod.altervista.org/wbblite_102_sql.html http://www.securityfocus.com/bid/21265 http://www.securityfocus.com/archive/1/452561/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/2842/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-6289

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect