Woltlab Burning Books Variable Overwrite Vulnerability

Woltlab Burning Books is prone to a variable-overwrite vulnerability because the application fails to sufficiently sanitize user-supplied input.

An attacker can exploit this issue to overwrite the configuration variables with arbitrary input. The attacker may then be able perform cross-site scripting, SQL-injection, and other attacks.

Version 1.1.2 is vulnerable to this issue; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus