SQL injection vulnerability in the rGallery plugin 1.2.3 for WoltLab Burning Board (WBB3) allows remote attackers to execute arbitrary SQL commands via the userID parameter in the RGalleryUserGallery page to index.php, a different vector than CVE-2008-4627.
References
Configurations
Configuration 1 (hide)
AND |
|
History
No history.
Information
Published : 2009-07-02 10:30
Updated : 2024-02-28 11:21
NVD link : CVE-2009-2311
Mitre link : CVE-2009-2311
CVE.ORG link : CVE-2009-2311
JSON object : View
Products Affected
woltlab
- burning_board
selbstzweck
- rgallery_plugin
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')