CVE-2007-1518

Woltlab Burning Board - SQL Injection

Title source: rule

Description

SQL injection vulnerability in usergroups.php in Woltlab Burning Board (wBB) 2.x allows remote attackers to execute arbitrary SQL commands via the array index of the applicationids array.

Exploits (1)

exploitdb WORKING POC VERIFIED

by x666 · perlwebappsphp

https://www.exploit-db.com/exploits/3483

View Code ZIP pw:eip

References (4)

[Third Party Advisory] http://securityreason.com/securityalert/2455

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/463002/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/462860/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/22970

Scores

EPSS 0.0036

EPSS Percentile 58.3%

Details

Status published

Products (23)

woltlab/burning_board 2.0

woltlab/burning_board 2.0.3

woltlab/burning_board 2.0_beta_3

woltlab/burning_board 2.0_beta_4

woltlab/burning_board 2.0_beta_5

woltlab/burning_board 2.0_rc1

woltlab/burning_board 2.0_rc2

woltlab/burning_board 2.1.5

woltlab/burning_board 2.1.6

woltlab/burning_board 2.2.1

... and 13 more

Published Mar 20, 2007

Tracked Since Feb 18, 2026