Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: CGI abuses --> Category: attack

Woltlab Burning Board SQL injection flaw Vulnerability Scan


Vulnerability Scan Summary
Checks SQL injection flaw in Woltlab Burning Board Database module

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote web server contains a PHP script that is susceptible to SQL
injection attacks.

Description:

The remote version of Burning Board includes an optional module, the
Database module, that fails to properly sanitize the 'fileid'
parameter of the 'info_db.php' script, which can be exploited to
launch SQL injection attacks against the affected host.

See also:

http://www.securityfocus.com/archive/1/426583/30/0/threaded

Solution:

Unknown at this time.

Threat Level:

High / CVSS Base Score : 7.0
(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N)

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.