CVE-2005-0661

Published: May 2, 2005Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

SQL injection vulnerability in the getwbbuserdata function in session.php for Woltlab Burning Board 2.0.3 through 2.3.0 allows remote attackers to execute arbitrary SQL commands via the (1) userid or (2) lastvisit cookie.

Affected (4)

Products: Woltlab: Burning Board

Woltlab

1 product

Burning Board

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Woltlab Burning Board	Version 2.0.3
Woltlab Burning Board	Version 2.1.5
Woltlab Burning Board	Version 2.2.1
Woltlab Burning Board	Version 2.3.0

References (4)

http://secunia.com/advisories/14450

Source: cve@mitre.org

Patch

http://securitytracker.com/id?1013351

Source: cve@mitre.org

http://secunia.com/advisories/14450

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://securitytracker.com/id?1013351

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.