{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-12-20T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple SQL injection vulnerabilities in search.php in WoltLab Burning Board (wBB) Lite 1.0.2 pl3e allow remote attackers to execute arbitrary SQL commands via the (1) showposts, (2) sortby, and (3) sortorder parameters."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "woltlab-search-sql-injection(39174)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39174"}, {"name": "20071220 Woltlab Burning Board 1.0.2 SQL-Injection Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/485408/100/0/threaded"}, {"name": "ADV-2007-4300", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/4300"}, {"name": "28188", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28188"}, {"name": "26973", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/26973"}, {"name": "39497", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/39497"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-6518", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple SQL injection vulnerabilities in search.php in WoltLab Burning Board (wBB) Lite 1.0.2 pl3e allow remote attackers to execute arbitrary SQL commands via the (1) showposts, (2) sortby, and (3) sortorder parameters."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "woltlab-search-sql-injection(39174)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39174"}, {"name": "20071220 Woltlab Burning Board 1.0.2 SQL-Injection Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/485408/100/0/threaded"}, {"name": "ADV-2007-4300", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/4300"}, {"name": "28188", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28188"}, {"name": "26973", "refsource": "BID", "url": "http://www.securityfocus.com/bid/26973"}, {"name": "39497", "refsource": "OSVDB", "url": "http://www.osvdb.org/39497"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-6518", "datePublished": "2007-12-24T20:00:00", "dateReserved": "2007-12-24T00:00:00", "dateUpdated": "2018-10-15T20:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:woltlab:burning_board_lite:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "47A4FDEE-C9F9-4F17-98CB-5F9714041C19", "vulnerable": true}, {"criteria": "cpe:2.3:a:woltlab:burning_board_lite:1.0.2_pl3e:*:*:*:*:*:*:*", "matchCriteriaId": "95D354C3-ACC4-430F-A659-379517BC62F5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Multiple SQL injection vulnerabilities in search.php in WoltLab Burning Board (wBB) Lite 1.0.2 pl3e allow remote attackers to execute arbitrary SQL commands via the (1) showposts, (2) sortby, and (3) sortorder parameters."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de inyecci\u00f3n SQL en search.php en WoltLab Burning Board (wBB) Lite 1.0.2 pl3e permite a atacantes remotos ejecutar comandos de SQL de su elecci\u00f3n a trav\u00e9s de los par\u00e1metros (1) showposts, (2) sortby, y (3) sortorder."}], "id": "CVE-2007-6518", "lastModified": "2018-10-15T21:54:55.477", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-12-24T20:46:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28188"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/39497"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/485408/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/26973"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/4300"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39174"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}