CVE-2006-5029
Published Sep 27, 2006
Last updated 6 years ago
Overview
- Description
- SQL injection vulnerability in thread.php in WoltLab Burning Board (wBB) 2.3.x allows remote attackers to obtain the version numbers of PHP, MySQL, and wBB via the page parameter. NOTE: this issue might be a forced SQL error. Also, the original report was disputed by a third party for 2.3.3 and 2.3.4.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:woltlab:burning_board:2.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "67BF2C7A-2689-4760-8CD9-387BD497789E"
},
{
"criteria": "cpe:2.3:a:woltlab:burning_board:2.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A40CCEE5-4B68-4F45-911F-0A7089A0609D"
},
{
"criteria": "cpe:2.3:a:woltlab:burning_board:2.3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3B5773FB-E267-4546-9E14-782F652C5916"
},
{
"criteria": "cpe:2.3:a:woltlab:burning_board:2.3.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "42CAAE7C-258A-47E0-B832-642C1C466EDB"
},
{
"criteria": "cpe:2.3:a:woltlab:burning_board:2.3.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "380709B2-5458-46B9-8B23-9F53A15462E1"
},
{
"criteria": "cpe:2.3:a:woltlab:burning_board:2.3.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "94ED665B-3297-4B2E-95DE-DCBAF63D17F4"
}
],
"operator": "OR"
}
]
}
]