HTTP: PHP Woltlab Burning Board SQL Injection

Any user on the bulletin board can compromise any other user's account by exploiting a vulnerability in board.php. The script does not perform proper input validation, so it can be made to execute user-supplied SQL statements. This is known to affect Woltlab Burning Board 2.0 RC 1 and earlier versions.

Extended Description

WoltLab is prone to SQL injection attacks. This is due to insufficient sanitization of parameters handled by the board.php script, which may be supplied externally via the query string in a web request. The logic of a SQL query made by the script may be modified, resulting in the potential for database corruption. It has been demonstrated that it is possible to exploit this condition to gain administrative privileges within the bulletin board system.

Affected Products

Woltlab burning_board

References

BugTraq: 5675

CVE: CVE-2002-1505

Short Name: HTTP:PHP:WOLTAB-SQL-INJ
Severity: Minor
Recommended: False
Recommended Action: None
Category: HTTP
Keywords: Board Burning CVE-2002-1505 Injection PHP SQL Woltlab bid:5675
Release Date: 04/22/2003
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version: 3375
False Positive: Unknown
Vendors

Woltlab

CVSS Score: 7.5
