CVE-2006-5508
WoltLab Burning Book 1.1.2 - SQL Injection via n Parameter or User-Agent Header
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2006-5508.
AI-analyzed exploit summary
This Perl script exploits a SQL injection vulnerability in WoltLab Burning Book <=1.1.2 by injecting SQL into the 'n' parameter of the addentry.php endpoint. The injected SQL creates a new template record that executes arbitrary PHP code (phpinfo()), demonstrating remote code execution.
Description
Multiple SQL injection vulnerabilities in addentry.php in WoltLab Burning Book 1.1.2 allow remote attackers to execute arbitrary SQL commands via (1) the n parameter and (2) the User-Agent HTTP header.