CVE-2008-7192

Cross-site request forgery (CSRF) vulnerability in index.php in WoltLab Burning Board (wBB) 3.0.1, and possibly other 3.x versions, allows remote attackers to hijack the authentication of users for requests that delete private messages via the pmID parameter in a delete action in a PM page, a different vulnerability than CVE-2008-0472.

Published: Sep 9, 2009
Updated: Apr 13, 2023
CVE: CVE-2008-7192
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-352

Affected Software
References

Software	From	Fixed in
woltlab / burning_board	3.0.1	3.0.1.x

http://www.securityfocus.com/archive/1/487139/100/200/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/39990

Vulnerability Database

289,784

CVE-2008-7192