Woltlab : Security Vulnerabilities, CVEs, Published In 2008

CVE-2008-1717

WoltLab Community Framework (WCF) 1.0.6 in WoltLab Burning Board 3.0.5 allows remote attackers to obtain the full path via invalid (1) page and (2) form parameters, which leaks the path from an exception handler when a valid class cannot be found.
Max CVSS
5.0
EPSS Score
0.65%
Published
2008-04-09
Updated
2018-10-11

CVE-2008-1716

Cross-site scripting (XSS) vulnerability in WoltLab Community Framework (WCF) 1.0.6 in WoltLab Burning Board 3.0.5 allows remote attackers to inject arbitrary web script or HTML via the (1) page and (2) form parameters, which are not properly handled when they are reflected back in an error message.
Max CVSS
4.3
EPSS Score
0.27%
Published
2008-04-09
Updated
2018-10-11

CVE-2008-1323

Cross-site request forgery (CSRF) vulnerability in index.php in WoltLab Burning Board Lite (wBB) 2 Beta 1 allows remote attackers to delete threads as other users via the ThreadDelete action.
Max CVSS
6.8
EPSS Score
0.33%
Published
2008-03-13
Updated
2018-10-11

CVE-2008-0857

SQL injection vulnerability in index.php in WoltLab Burning Board 3.0.3 PL 1 allows remote attackers to execute arbitrary SQL commands via the sortOrder parameter to the PMList page.
Max CVSS
7.5
EPSS Score
0.09%
Published
2008-02-21
Updated
2018-10-15

CVE-2008-0472

Cross-site request forgery (CSRF) vulnerability in modcp.php in Woltlab Burning Board (wBB) 2.3.6 PL2 allows remote attackers to delete threads as moderators or administrators via a thread_del action.
Max CVSS
4.3
EPSS Score
0.15%
Published
2008-01-29
Updated
2018-10-15
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close