WoltLab Burning Board (wBB) 'thread.php'SQL注入漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1193356 漏洞类型 SQL注入
发布时间 2006-09-27 更新时间 2006-09-27
CVE编号 CVE-2006-5029 CNNVD-ID CNNVD-200609-512
漏洞平台 N/A CVSS评分 7.5
|漏洞来源
https://www.securityfocus.com/bid/83662
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200609-512
|漏洞详情
WoltLabBurningBoard(wBB)2.3.x的thread.php中存在SQL注入漏洞,远程攻击者可以通过page参数获取PHP、MySQL和wBB的版本号。
|受影响的产品
Woltlab Burning Board 2.3.4 Woltlab Burning Board 2.3.5 Woltlab Burning Board 2.3.3 Woltlab Burning Board 2.3.2 Woltlab Burning Board 2.3.1 Woltlab Burning Board 2.3.0
|参考资料

来源:BUGTRAQ
名称:20060921WoltlabBurningBoard2.3.XSQLInjectionVulnerability
链接:http://www.securityfocus.com/archive/1/archive/1/446743/100/0/threaded
来源:BUGTRAQ
名称:20060923Re:WoltlabBurningBoard2.3.XSQLInjectionVulnerability
链接:http://www.securityfocus.com/archive/1/446937/100/0/threaded
来源:BUGTRAQ
名称:20060926Re:Re:WoltlabBurningBoard2.3.XSQLInjectionVulnerability
链接:http://www.securityfocus.com/archive/1/archive/1/447069/100/100/threaded
来源:BUGTRAQ
名称:20060924Re:WoltlabBurningBoard2.3.XSQLInjectionVulnerability
链接:http://www.securityfocus.com/archive/1/archive/1/446938/100/100/threaded