Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-5509 | 1 Woltlab | 1 Burning Book | 2024-11-21 | 7.5 HIGH | N/A |
| Eval injection vulnerability in addentry.php in WoltLab Burning Book 1.1.2 allows remote attackers to execute arbitrary PHP code via crafted POST requests that store PHP code in a database that is later processed by eval, as demonstrated using SQL injection via the n parameter. | |||||
| CVE-2006-5508 | 1 Woltlab | 1 Burning Book | 2024-11-21 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in addentry.php in WoltLab Burning Book 1.1.2 allow remote attackers to execute arbitrary SQL commands via (1) the n parameter and (2) the User-Agent HTTP header. | |||||
| CVE-2005-0284 | 1 Woltlab | 1 Burning Book | 2024-11-20 | 7.5 HIGH | N/A |
| SQL injection vulnerability in addentry.php in Woltlab Burning Book 1.0 Gold, 1.1.1e, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the user-agent parameter. | |||||