Vulnerability Description
Woltlab Burning Board (wBB) Lite 1.0.2 does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary SQL commands via the wbb_userid parameter to the top-level URI. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in wBB Lite.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Woltlab | Burning Board Lite | 1.0.2 |
References
- http://retrogod.altervista.org/wbblite_102_sql.htmlExploit
- http://www.securityfocus.com/archive/1/452561/100/0/threaded
- http://www.securityfocus.com/bid/21265
- http://retrogod.altervista.org/wbblite_102_sql.htmlExploit
- http://www.securityfocus.com/archive/1/452561/100/0/threaded
- http://www.securityfocus.com/bid/21265
FAQ
What is CVE-2006-6289?
CVE-2006-6289 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Woltlab Burning Board (wBB) Lite 1.0.2 does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows rem...
How severe is CVE-2006-6289?
CVE-2006-6289 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-6289?
Check the references section above for vendor advisories and patch information. Affected products include: Woltlab Burning Board Lite.