Detections
Analytics
Woltlab Burning Board modcp.php Multiple Parameter SQL Injection
medium Nessus Plugin ID 19524
Language:
Synopsis
The remote web server contains a PHP script that is prone to SQL injection attacks.Description
The remote version of Burning Board / Burning Board Lite is prone to SQL injection attacks due to its failure to sanitize user-supplied input to the 'x' and 'y' parameters of the 'modcp.php' script before using it in database queries. Provided an attacker has moderator privileges, these flaws may allow him to uncover sensitive information (such as password hashes), modify existing data, and launch attacks against the underlying database.Solution
Unknown at this time.See Also
Plugin Details
Severity: Medium
ID: 19524
File Name: burning_board_xy_sql_injection.nasl
Version: 1.20
Type: remote
Family: CGI abuses
Published: 8/30/2005
Updated: 4/7/2022
Configuration: Enable thorough checks
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.6
CVSS v2
Risk Factor: Medium
Base Score: 4.6
Temporal Score: 4.6
Vector: CVSS2#AV:N/AC:H/Au:S/C:P/I:P/A:P
Vulnerability Information
CPE: cpe:/a:woltlab:burning_board
Required KB Items: www/PHP
Excluded KB Items: Settings/disable_cgi_scanning
Exploit Available: true
Exploit Ease: No exploit is required
Vulnerability Publication Date: 8/20/2005
Reference Information
CVE: CVE-2005-2673
BID: 14617