WoltLab Burning Board Lite ADDENTRY.PHP SQL Injection Vulnerability
BID:12214
Info
WoltLab Burning Board Lite ADDENTRY.PHP SQL Injection Vulnerability
| Bugtraq ID: | 12214 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 10 2005 12:00AM |
| Updated: | Jan 10 2005 12:00AM |
| Credit: | Discovery is credited to Martin Heistermann <[email protected]>. |
| Vulnerable: |
Woltlab Burning Board Lite 1.0.1 e Woltlab Burning Board Lite 1.0 .0 |
| Not Vulnerable: | |
Discussion
WoltLab Burning Board Lite ADDENTRY.PHP SQL Injection Vulnerability
WoltLab Burning Board Lite is reported prone to an SQL injection vulnerability. The vulnerability exists in the 'addentry.php' script.
An attacker may leverage this issue to manipulate SQL query strings and potentially carry out arbitrary database queries. This may facilitate the disclosure or corruption of sensitive database information.
This issue reportedly affects WoltLab Burning Board Lite 1.0 Gold and 1.1.1e. It is possible that other versions are affected as well.
WoltLab Burning Board Lite is reported prone to an SQL injection vulnerability. The vulnerability exists in the 'addentry.php' script.
An attacker may leverage this issue to manipulate SQL query strings and potentially carry out arbitrary database queries. This may facilitate the disclosure or corruption of sensitive database information.
This issue reportedly affects WoltLab Burning Board Lite 1.0 Gold and 1.1.1e. It is possible that other versions are affected as well.
Exploit / POC
WoltLab Burning Board Lite ADDENTRY.PHP SQL Injection Vulnerability
An exploit is not required.
An exploit is not required.
Solution / Fix
WoltLab Burning Board Lite ADDENTRY.PHP SQL Injection Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
WoltLab Burning Board Lite ADDENTRY.PHP SQL Injection Vulnerability
References:
References:
- CityForFree Product Page (CityForFree)
- Woltlab Burning Book addentry.php SQL Injection (Martin Heistermann
)