Woltlab Burning Book : Security vulnerabilities, CVEs

Copy

CVE-2006-5509

Eval injection vulnerability in addentry.php in WoltLab Burning Book 1.1.2 allows remote attackers to execute arbitrary PHP code via crafted POST requests that store PHP code in a database that is later processed by eval, as demonstrated using SQL injection via the n parameter.

Max CVSS

7.5

EPSS Score

0.80%

Published

2006-10-25

Updated

2018-10-17

CVE-2006-5508

Multiple SQL injection vulnerabilities in addentry.php in WoltLab Burning Book 1.1.2 allow remote attackers to execute arbitrary SQL commands via (1) the n parameter and (2) the User-Agent HTTP header.

Max CVSS

7.5

EPSS Score

0.44%

Published

2006-10-25

Updated

2018-10-17

CVE-2005-0284

SQL injection vulnerability in addentry.php in Woltlab Burning Book 1.0 Gold, 1.1.1e, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the user-agent parameter.

Max CVSS

7.5

EPSS Score

0.18%

Published

2005-01-10

Updated

2017-07-11

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!