CVE-2006-6237 - Unspecified vulnerability in Woltlab Burning Board Lite 1.0.2

047910
CVSS 0.0 - NONE
Attack vector: UNKNOWN
Attack complexity: UNKNOWN
Privileges required: UNKNOWN
Confidentiality impact: UNKNOWN
Integrity impact: UNKNOWN
Availability impact: UNKNOWN
woltlab
nessus
exploit available

Summary

SQL injection vulnerability in the decode_cookie function in thread.php in Woltlab Burning Board Lite 1.0.2 allows remote attackers to execute arbitrary SQL commands via the threadvisit Cookie parameter.

Vulnerable Configurations

Part | Description | Count
Application | Woltlab | 1

Exploit-Db

description: Woltlab Burning Board Lite 1.0.2 decode_cookie() SQL Injection Exploit. CVE-2006-6237. Webapps exploit for php platform
file: exploits/php/webapps/2841.php
id: EDB-ID:2841
last seen: 2016-01-31
modified: 2006-11-24
platform: php
port:
published: 2006-11-24
reporter: rgod
source: https://www.exploit-db.com/download/2841/
title: Woltlab Burning Board Lite 1.0.2 decode_cookie SQL Injection Exploit
type: webapps

Nessus

NASL family: CGI abuses
NASL id: BURNING_BOARD_LITE_DECODE_COOKIE_SQL_INJECTION.NASL
description: The remote version of Burning Board Lite fails to sanitize user-supplied cookie input before using it in the
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 23733
published: 2006-11-27
reporter: This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/23733
title: WoltLab Burning Board Lite thread.php decode_cookie Function threadvisit Cookie Parameter SQL Injection