CVE-2007-6518
Summary
| CVE | CVE-2007-6518 |
|---|---|
| State | PUBLISHED |
| Assigner | mitre |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2007-12-24 20:46:00 UTC |
| Updated | 2026-04-23 00:35:47 UTC |
| Description | Multiple SQL injection vulnerabilities in search.php in WoltLab Burning Board (wBB) Lite 1.0.2 pl3e allow remote attackers to execute arbitrary SQL commands via the (1) showposts, (2) sortby, and (3) sortorder parameters. |
Risk And Classification
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
LowAuthentication
NoneConfidentiality
PartialIntegrity
PartialAvailability
PartialAV:N/AC:L/Au:N/C:P/I:P/A:P
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Woltlab | Burning Board Lite | 1.0.2 | All | All | All |
| Application | Woltlab | Burning Board Lite | 1.0.2_pl3e | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| SecurityFocus | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | |
| Woltlab Burning Board Lite Search.PHP Multiple SQL Injection Vulnerabilities | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | Exploit |
| IBM X-Force Exchange | af854a3a-2127-422b-91ae-364da2661108 | exchange.xforce.ibmcloud.com | |
| www.osvdb.org/39497 | af854a3a-2127-422b-91ae-364da2661108 | www.osvdb.org | |
| Woltlab Burning Board Lite "search.php" SQL Injection Vulnerabilities - Advisories - Secunia | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Vendor Advisory |
| Webmail- OVH | af854a3a-2127-422b-91ae-364da2661108 | www.vupen.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.