Vulnerabilities > CVE-2007-1518 - SQL Injection vulnerability in Woltlab Burning Board UserGroups.PHP

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

woltlab

NVD

Published: 2007-03-20

Updated: 2018-10-16

Summary

SQL injection vulnerability in usergroups.php in Woltlab Burning Board (wBB) 2.x allows remote attackers to execute arbitrary SQL commands via the array index of the applicationids array.

Vulnerable Configurations

Part	Description	Count
Application	Woltlab Woltlab Burning Board 2.0 Woltlab Burning Board 2.0.3 Woltlab Burning Board 2.0_Beta_3 Woltlab Burning Board 2.0_Beta_4 Woltlab Burning Board 2.0_Beta_5 Woltlab Burning Board 2.0_Rc1 Woltlab Burning Board 2.0_Rc2 Woltlab Burning Board 2.1.5 Woltlab Burning Board 2.1.6 Woltlab Burning Board 2.2.1 Woltlab Burning Board 2.2.2 Woltlab Burning Board 2.2.3 Woltlab Burning Board 2.3.0 Woltlab Burning Board 2.3.1 Woltlab Burning Board 2.3.2 Woltlab Burning Board 2.3.3 Woltlab Burning Board 2.3.4 Woltlab Burning Board 2.3.5 Woltlab Burning Board 2.3.6 Woltlab Burning Board 2.4 Woltlab Burning Board 2.5 Woltlab Burning Board 2.6 Woltlab Burning Board 2.7	23

Summary

Vulnerable Configurations

References