Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Woltlab Subscribe
Total 46 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-3219 1 Woltlab 1 Burning Board 2024-02-04 7.5 HIGH N/A
SQL injection vulnerability in thread.php in Woltlab Burning Board (WBB) 2.2.2 allows remote attackers to execute arbitrary SQL commands via the threadid parameter.
CVE-2006-0927 2 Jgs-xa, Woltlab 2 Jgs-gallery Addon, Burning Board 2024-02-04 2.6 LOW N/A
Multiple cross-site scripting (XSS) vulnerabilities in the JGS-XA JGS-Gallery Addon 4.0.0 and earlier for Woltlab Burning Board (wBB) 2.x allow remote attackers to inject arbitrary web script or HTML via the (1) userid parameter in (a) jgs_galerie_slideshow.php and (b) jgs_galerie_scroll.php, and the (2) katid parameter in (c) jgs_galerie_slideshow.php.
CVE-2006-2792 1 Woltlab 1 Burning Board 2024-02-04 7.5 HIGH N/A
SQL injection vulnerability in misc.php in Woltlab Burning Board (WBB) 2.3.4 allows remote attackers to execute arbitrary SQL commands via the sid parameter.
CVE-2002-2021 1 Woltlab 1 Burning Board 2024-02-04 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in WoltLab Burning Board (wbboard) 1.1.1 allows remote attackers to inject arbitrary web script or HTML via the message parameter.
CVE-2002-0903 1 Woltlab 1 Burning Board 2024-02-04 7.5 HIGH N/A
register.php for WoltLab Burning Board (wbboard) 1.1.1 uses a small number of random values for the "code" parameter that is provided to action.php to approve a new registration, along with predictable new user ID's, which allows remote attackers to hijack new user accounts via a brute force attack on the new user ID and the code value.
CVE-2002-1505 1 Woltlab 1 Burning Board 2024-02-04 7.5 HIGH N/A
SQL injection vulnerability in board.php for WoltLab Burning Board (wBB) 2.0 RC 1 and earlier allows remote attackers to modify the database and possibly gain privileges via the boardid parameter.