Vulnerabilities > Woltlab > Burning Board > 3.0.5

DATE CVE VULNERABILITY TITLE RISK
2008-04-09 CVE-2008-1717 Information Exposure vulnerability in Woltlab Burning Board 3.0.5
WoltLab Community Framework (WCF) 1.0.6 in WoltLab Burning Board 3.0.5 allows remote attackers to obtain the full path via invalid (1) page and (2) form parameters, which leaks the path from an exception handler when a valid class cannot be found.
network
low complexity
woltlab CWE-200
5.0
5.0
2008-04-09 CVE-2008-1716 Cross-Site Scripting vulnerability in Woltlab Burning Board 3.0.5
Cross-site scripting (XSS) vulnerability in WoltLab Community Framework (WCF) 1.0.6 in WoltLab Burning Board 3.0.5 allows remote attackers to inject arbitrary web script or HTML via the (1) page and (2) form parameters, which are not properly handled when they are reflected back in an error message.
network
woltlab CWE-79
4.3
4.3