CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
78.0%
SQL injection vulnerability in Datenbank MOD 2.7 and earlier for Woltlab Burning Board allows remote attackers to execute arbitrary SQL commands via the fileid parameter to (1) info_db.php or (2) database.php.
Vendor | Product | Version | CPE |
---|---|---|---|
datenbank_module | datenbank_module | * | cpe:2.3:a:datenbank_module:datenbank_module:*:*:*:*:*:*:*:* |
woltlab | burning_board | 1.1.1 | cpe:2.3:a:woltlab:burning_board:1.1.1:*:*:*:*:*:*:* |
woltlab | burning_board | 2.0_beta_3 | cpe:2.3:a:woltlab:burning_board:2.0_beta_3:*:*:*:*:*:*:* |
woltlab | burning_board | 2.0_beta_4 | cpe:2.3:a:woltlab:burning_board:2.0_beta_4:*:*:*:*:*:*:* |
woltlab | burning_board | 2.0_beta_5 | cpe:2.3:a:woltlab:burning_board:2.0_beta_5:*:*:*:*:*:*:* |
woltlab | burning_board | 2.0_rc1 | cpe:2.3:a:woltlab:burning_board:2.0_rc1:*:*:*:*:*:*:* |
woltlab | burning_board | 2.0_rc2 | cpe:2.3:a:woltlab:burning_board:2.0_rc2:*:*:*:*:*:*:* |
woltlab | burning_board | 2.2.2 | cpe:2.3:a:woltlab:burning_board:2.2.2:*:*:*:*:*:*:* |
woltlab | burning_board | 2.3.1 | cpe:2.3:a:woltlab:burning_board:2.3.1:*:*:*:*:*:*:* |
woltlab | burning_board | 2.3.3 | cpe:2.3:a:woltlab:burning_board:2.3.3:*:*:*:*:*:*:* |