CVE-2006-2569

4R Linklist < 1.0_rc2 - SQL Injection

Title source: rule

Description

SQL injection vulnerability in links.php in 4R Linklist 1.0 RC2 and earlier, a module for Woltlab Burning Board, allows remote attackers to execute arbitrary SQL commands via the cat parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by 666 · perlwebappsphp

https://www.exploit-db.com/exploits/1810

View Code ZIP pw:eip

References (5)

[Exploit] http://www.securityfocus.com/bid/18077

[Vendor Advisory] http://secunia.com/advisories/20167

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/26592

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/1810

[Third Party Advisory] http://www.vupen.com/english/advisories/2006/1925

Scores

EPSS 0.0103

EPSS Percentile 77.4%

Details

Status published

Products (10)

4r_linklist/4r_linklist < 1.0_rc2

woltlab/burning_board 2.0_beta_3

woltlab/burning_board 2.0_beta_4

woltlab/burning_board 2.0_beta_5

woltlab/burning_board 2.0_rc1

woltlab/burning_board 2.0_rc2

woltlab/burning_board 2.2.2

woltlab/burning_board 2.3.1

woltlab/burning_board 2.3.3

woltlab/burning_board 2.3.4

Published May 24, 2006

Tracked Since Feb 18, 2026