CVE-2005-3369
Summary
Multiple SQL injection vulnerabilities in the Info-DB module (info_db.php) in Woltlab Burning Board 2.7 and earlier allow remote attackers to execute arbitrary SQL commands and possibly upload files via the (1) fileid and (2) subkatid parameters.
- LOW
- NETWORK
- NONE
- PARTIAL
- PARTIAL
- PARTIAL
References
Advisory Timeline
- Published