Filtered by vendor Woltlab Subscriptions
Total 46 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2005-3369 1 Woltlab 1 Burning Board 2026-04-16 N/A
Multiple SQL injection vulnerabilities in the Info-DB module (info_db.php) in Woltlab Burning Board 2.7 and earlier allow remote attackers to execute arbitrary SQL commands and possibly upload files via the (1) fileid and (2) subkatid parameters.
CVE-2006-3220 1 Woltlab 1 Burning Board 2026-04-16 N/A
SQL injection vulnerability in studienplatztausch.php in Woltlab Burning Board (WBB) 2.2.1 allows remote attackers to execute arbitrary SQL commands via the sid parameter.
CVE-2006-2569 2 4r Linklist, Woltlab 2 4r Linklist, Burning Board 2026-04-16 N/A
SQL injection vulnerability in links.php in 4R Linklist 1.0 RC2 and earlier, a module for Woltlab Burning Board, allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2006-3219 1 Woltlab 1 Burning Board 2026-04-16 N/A
SQL injection vulnerability in thread.php in Woltlab Burning Board (WBB) 2.2.2 allows remote attackers to execute arbitrary SQL commands via the threadid parameter.
CVE-2010-1339 2 Robertotto, Woltlab 2 Teamsite Hack Plugin, Burning Board 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in ts_other.php in the Teamsite Hack plugin 3.0 and earlier for WoltLab Burning Board allows remote attackers to inject arbitrary web script or HTML via the userid parameter in a modboard action, which is not properly handled in a forced SQL error message. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-1338 2 Robertotto, Woltlab 2 Teamsite Hack Plugin, Burning Board 2025-04-11 N/A
SQL injection vulnerability in ts_other.php in the Teamsite Hack plugin 3.0 and earlier for WoltLab Burning Board allows remote attackers to execute arbitrary SQL commands via the userid parameter in a modboard action.