CVE-2007-1518

Woltlab Burning Board 2.x - SQL Injection via applicationids Array Index

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-1518. PoCs published by x666.

AI-analyzed exploit summary This Perl script exploits a SQL injection vulnerability in Woltlab Burning Board 2.X via the usergroups.php file. It extracts user password hashes by manipulating SQL queries through crafted POST requests.

Description

SQL injection vulnerability in usergroups.php in Woltlab Burning Board (wBB) 2.x allows remote attackers to execute arbitrary SQL commands via the array index of the applicationids array.

Exploits (1)

exploitdb WORKING POC VERIFIED
by x666 · perlwebappsphp
https://www.exploit-db.com/exploits/3483

This Perl script exploits a SQL injection vulnerability in Woltlab Burning Board 2.X via the usergroups.php file. It extracts user password hashes by manipulating SQL queries through crafted POST requests.

Classification
Working Poc 95%
Attack Type
Sqli
Complexity
Moderate
Reliability
Reliable
Target: Woltlab Burning Board 2.X
Auth required
Prerequisites: Valid user credentials or session cookies · Access to the usergroups.php endpoint
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/2455
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/463002/100/0/threaded
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/462860/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/22970

Scores

EPSS 0.0098
EPSS Percentile 57.7%

Details

Status published
Products (23)
woltlab/burning_board 2.0
woltlab/burning_board 2.0.3
woltlab/burning_board 2.0_beta_3
woltlab/burning_board 2.0_beta_4
woltlab/burning_board 2.0_beta_5
woltlab/burning_board 2.0_rc1
woltlab/burning_board 2.0_rc2
woltlab/burning_board 2.1.5
woltlab/burning_board 2.1.6
woltlab/burning_board 2.2.1
... and 13 more
Published Mar 20, 2007
Tracked Since Feb 18, 2026