CVE-2007-0388

SQL injection vulnerability in search.php in Woltlab Burning Board (wBB) 1.0.2 and earlier, and 2.3.6 and earlier in the 2.x series, allows remote attackers to execute arbitrary SQL commands via the boardids[1] and other boardids[] parameters.

Published: Jan 20, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-0388
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
woltlab / burning_board	-	1.0.2.x
woltlab / burning_board	-	2.3.6.x

http://osvdb.org/33872
https://exchange.xforce.ibmcloud.com/vulnerabilities/31550
https://www.exploit-db.com/exploits/3143
https://www.exploit-db.com/exploits/3144

Vulnerability Database

289,784

CVE-2007-0388