Vulnerability Database

289,871

Total vulnerabilities in the database

CVE-2005-0661

SQL injection vulnerability in the getwbbuserdata function in session.php for Woltlab Burning Board 2.0.3 through 2.3.0 allows remote attackers to execute arbitrary SQL commands via the (1) userid or (2) lastvisit cookie.

  • Published: May 2, 2005
  • Updated: Apr 13, 2023
  • CVE: CVE-2005-0661
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
woltlab / burning_board 2.2.1 2.2.1.x
woltlab / burning_board 2.1.5 2.1.5.x
woltlab / burning_board 2.3.0 2.3.0.x
woltlab / burning_board 2.0.3 2.0.3.x