Burning Book

burning_book

Vendor: Woltlab • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2006-5509 1Woltlab 1Burning Book Apr 23, 2026 Oct 25, 2006 N/A· v4 N/A· v3 7.5 HIGH· v2 Eval injection vulnerability in addentry.php in WoltLab Burning Book 1.1.2 allows remote attackers to execute arbitrary PHP code via crafted POST requests that store PHP code in a database that is later processed by eval...Show more Eval injection vulnerability in addentry.php in WoltLab Burning Book 1.1.2 allows remote attackers to execute arbitrary PHP code via crafted POST requests that store PHP code in a database that is later processed by eval, as demonstrated using SQL injection via the n parameter.Show less
CVE-2006-5508 1Woltlab 1Burning Book Apr 23, 2026 Oct 25, 2006 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple SQL injection vulnerabilities in addentry.php in WoltLab Burning Book 1.1.2 allow remote attackers to execute arbitrary SQL commands via (1) the n parameter and (2) the User-Agent HTTP header.
CVE-2005-0284 1Woltlab 1Burning Book Apr 16, 2026 Jan 10, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 SQL injection vulnerability in addentry.php in Woltlab Burning Book 1.0 Gold, 1.1.1e, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the user-agent parameter.