Every CVE whose affected-product data names Woltlab Burning Board, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (31)
CVE-2002-0903 — CVSS 7.5 (high): register.php for WoltLab Burning Board (wbboard) 1.1.1 uses a small number of random values for the "code" parameter that is provided to…
CVE-2002-1505 — CVSS 7.5 (high): SQL injection vulnerability in board.php for WoltLab Burning Board (wBB) 2.0 RC 1 and earlier allows remote attackers to modify the…
CVE-2006-1094 — CVSS 7.5 (high): SQL injection vulnerability in Datenbank MOD 2.7 and earlier for Woltlab Burning Board allows remote attackers to execute arbitrary SQL…
CVE-2006-2569 — CVSS 7.5 (high): SQL injection vulnerability in links.php in 4R Linklist 1.0 RC2 and earlier, a module for Woltlab Burning Board, allows remote attackers to…
CVE-2006-2792 — CVSS 7.5 (high): SQL injection vulnerability in misc.php in Woltlab Burning Board (WBB) 2.3.4 allows remote attackers to execute arbitrary SQL commands via…
CVE-2006-3218 — CVSS 7.5 (high): SQL injection vulnerability in profile.php in Woltlab Burning Board (WBB) 2.1.6 allows remote attackers to execute arbitrary SQL commands…
CVE-2006-3219 — CVSS 7.5 (high): SQL injection vulnerability in thread.php in Woltlab Burning Board (WBB) 2.2.2 allows remote attackers to execute arbitrary SQL commands…
CVE-2006-3220 — CVSS 7.5 (high): SQL injection vulnerability in studienplatztausch.php in Woltlab Burning Board (WBB) 2.2.1 allows remote attackers to execute arbitrary SQL…
CVE-2006-3254 — CVSS 7.5 (high): SQL injection vulnerability in newthread.php in Woltlab Burning Board (WBB) 2.0 RC2 allows remote attackers to execute arbitrary SQL…
CVE-2006-3255 — CVSS 7.5 (high): SQL injection vulnerability in showmods.php in Woltlab Burning Board (WBB) 1.2 allows remote attackers to execute arbitrary SQL commands…
CVE-2006-3256 — CVSS 7.5 (high): SQL injection vulnerability in report.php in Woltlab Burning Board (WBB) 2.3.1 allows remote attackers to execute arbitrary SQL commands…
CVE-2006-5029 — CVSS 7.5 (high): SQL injection vulnerability in thread.php in WoltLab Burning Board (wBB) 2.3.x allows remote attackers to obtain the version numbers of…
CVE-2007-0388 — CVSS 7.5 (high): SQL injection vulnerability in search.php in Woltlab Burning Board (wBB) 1.0.2 and earlier, and 2.3.6 and earlier in the 2.x series, allows…
CVE-2007-1518 — CVSS 7.5 (high): SQL injection vulnerability in usergroups.php in Woltlab Burning Board (wBB) 2.x allows remote attackers to execute arbitrary SQL commands…
CVE-2008-0857 — CVSS 7.5 (high): SQL injection vulnerability in index.php in WoltLab Burning Board 3.0.3 PL 1 allows remote attackers to execute arbitrary SQL commands via…
CVE-2005-0661 — CVSS 7.5 (high): SQL injection vulnerability in the getwbbuserdata function in session.php for Woltlab Burning Board 2.0.3 through 2.3.0 allows remote…
CVE-2005-1642 — CVSS 7.5 (high): SQL injection vulnerability in the verify_email function in Woltlab Burning Board 2.x and earlier allows remote attackers to execute…
CVE-2005-2673 — CVSS 7.5 (high): SQL injection vulnerability in modcp.php in WoltLab Burning Board 2.2.2 and 2.3.3 allows remote authenticated attackers to execute…
CVE-2006-4317 — CVSS 6.8 (medium): Cross-site scripting (XSS) vulnerability in attachment.php in WoltLab Burning Board (WBB) 2.3.5 allows remote attackers to inject arbitrary…
CVE-2008-7192 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in index.php in WoltLab Burning Board (wBB) 3.0.1, and possibly other 3.x versions, allows…
CVE-2005-1285 — CVSS 6.8 (medium): Cross-site scripting (XSS) vulnerability in thread.php in WoltLab Burning Board 2.3.1 and earlier allows remote attackers to inject…
CVE-2008-1717 — CVSS 5.0 (medium): WoltLab Community Framework (WCF) 1.0.6 in WoltLab Burning Board 3.0.5 allows remote attackers to obtain the full path via invalid (1) page…
CVE-2006-1215 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in misc.php in Woltlab Burning Board (wBB) 2.3.4 allows remote attackers to inject arbitrary web…
CVE-2002-2021 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in WoltLab Burning Board (wbboard) 1.1.1 allows remote attackers to inject arbitrary web script or…
CVE-2005-1327 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in pms.php for Woltlab Burning Board 2.3.1 PL2 and earlier allows remote attackers to inject…
CVE-2008-1716 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in WoltLab Community Framework (WCF) 1.0.6 in WoltLab Burning Board 3.0.5 allows remote attackers…
CVE-2006-1034 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in Woltlab Burning Board (wBB) allow remote attackers to inject arbitrary web script or…
CVE-2007-1443 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in register.php in Woltlab Burning Board (wBB) 2.3.6 and Burning Board Lite 1.0.2pl3e…
CVE-2008-0472 — CVSS 4.3 (medium): Cross-site request forgery (CSRF) vulnerability in modcp.php in Woltlab Burning Board (wBB) 2.3.6 PL2 allows remote attackers to delete…
CVE-2006-0927 — CVSS 2.6 (low): Multiple cross-site scripting (XSS) vulnerabilities in the JGS-XA JGS-Gallery Addon 4.0.0 and earlier for Woltlab Burning Board (wBB) 2.x…