Wowbb : Security Vulnerabilities, CVEs,

CVE-2005-4431

SQL injection vulnerability in WowBB 1.65 allows remote attackers to execute arbitrary SQL commands via the q parameter to search.php. NOTE: the view_user.php/sort_by vector is already covered by CVE-2005-1554 and CVE-2004-2181.
Max CVSS
7.5
EPSS Score
0.32%
Published
2005-12-21
Updated
2008-09-20

CVE-2005-1554

SQL injection vulnerability in view_user.php in WowBB 1.6, 1.61, and 1.62 allows remote attackers to execute arbitrary SQL commands via the sort_by parameter.
Max CVSS
7.5
EPSS Score
0.51%
Published
2005-05-14
Updated
2017-07-11

CVE-2004-2181

Multiple SQL injection vulnerabilities in WowBB Forum 1.61 allow remote attackers to execute arbitrary SQL commands via the (1) sort_by or (2) page parameters to view_user.php, or the (3) forum_id parameter to view_topic.php. NOTE: the sort_by vector was later reported to be present in WowBB 1.65.
Max CVSS
7.5
EPSS Score
0.23%
Published
2004-12-31
Updated
2009-06-25

CVE-2004-2180

Multiple cross-site scripting (XSS) vulnerabilities in WowBB Forum 1.61 allow remote attackers to inject arbitrary web script or HTML via the (1) country parameter to view_user.php, (2) show parameter to view_forum.php, (3) letter parameter to view_user.php, (4) highlight parameter to view_topic.php, (5) show parameter to index.php, (6) q parameter to search.php, (7) Referer header to admin.php, or the (8) user_email parameter to login.php.
Max CVSS
4.3
EPSS Score
0.14%
Published
2004-12-31
Updated
2008-09-05
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close