[R]

**Name of the Vulnerable Software and Affected Versions** Woltlab Burning Board versions 2.7 and earlier **Description** The issue concerns SQL injection vulnerabilities in the Info-DB module. These vulnerabilities allow remote attackers to execute arbitrary SQL commands. The `fileid` and `subkatid` parameters are specifically vulnerable to this type of attack. **Recommendations** For versions 2.7 and earlier, consider restricting access to the Info-DB module until a fix is available. As a temporary workaround, avoid using the `fileid` and `subkatid` parameters in the affected module.

**Name of the Vulnerable Software and Affected Versions** phpBB Knowledge Base module (affected versions not specified) **Description** The issue allows remote attackers to obtain sensitive information and execute SQL commands. This is achieved by exploiting a SQL injection vulnerability in the kb.php file of the Knowledge Base module. The vulnerability is specifically tied to the `cat` parameter. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.