CVE-2006-1094

Datenbank MOD < 2.7 for Woltlab Burning Board - SQL Injection via fileid Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-1094. PoCs published by nukedx.

AI-analyzed exploit summary This Perl script exploits a SQL injection vulnerability in Woltlab Burning Board 2.x's Datenbank MOD to extract user credentials (username, email, and MD5 password hash) by manipulating the 'fileid' parameter.

Description

SQL injection vulnerability in Datenbank MOD 2.7 and earlier for Woltlab Burning Board allows remote attackers to execute arbitrary SQL commands via the fileid parameter to (1) info_db.php or (2) database.php.

Exploits (1)

exploitdb WORKING POC VERIFIED
by nukedx · perlwebappsphp
https://www.exploit-db.com/exploits/1544

This Perl script exploits a SQL injection vulnerability in Woltlab Burning Board 2.x's Datenbank MOD to extract user credentials (username, email, and MD5 password hash) by manipulating the 'fileid' parameter.

Classification
Working Poc 95%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: Woltlab Burning Board 2.x with Datenbank MOD
No auth needed
Prerequisites: Target must be running Woltlab Burning Board 2.x with vulnerable Datenbank MOD · Network access to the target server
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Exploit mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/426583
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/23810
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/16914
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/23808
Various Sources x_refsource_misc
http://www.nukedx.com/?viewdoc=17

Scores

EPSS 0.0235
EPSS Percentile 81.5%

Details

Status published
Products (14)
datenbank_module/datenbank_module < 2.7
woltlab/burning_board 1.1.1
woltlab/burning_board 2.0_beta_3
woltlab/burning_board 2.0_beta_4
woltlab/burning_board 2.0_beta_5
woltlab/burning_board 2.0_rc1
woltlab/burning_board 2.0_rc2
woltlab/burning_board 2.2.2
woltlab/burning_board 2.3.1
woltlab/burning_board 2.3.3
... and 4 more
Published Mar 09, 2006
Tracked Since Feb 18, 2026