Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2006-5508 | 1 Woltlab | 1 Burning Book | 2018-10-17 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in addentry.php in WoltLab Burning Book 1.1.2 allow remote attackers to execute arbitrary SQL commands via (1) the n parameter and (2) the User-Agent HTTP header. | |||||
CVE-2006-5509 | 1 Woltlab | 1 Burning Book | 2018-10-17 | 7.5 HIGH | N/A |
Eval injection vulnerability in addentry.php in WoltLab Burning Book 1.1.2 allows remote attackers to execute arbitrary PHP code via crafted POST requests that store PHP code in a database that is later processed by eval, as demonstrated using SQL injection via the n parameter. | |||||
CVE-2005-0284 | 1 Woltlab | 1 Burning Book | 2017-07-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in addentry.php in Woltlab Burning Book 1.0 Gold, 1.1.1e, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the user-agent parameter. |