PT-2007-7352 · Woltlab · Woltlab Burning Board (Wbb) Lite

Published: 2007-12-24 · Updated: 2018-10-15 · CVE-2007-6518

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: WoltLab Burning Board (wBB) Lite version 1.0.2 pl3e

Description: The issue concerns multiple SQL injection vulnerabilities in the search.php file. These vulnerabilities allow remote attackers to execute arbitrary SQL commands by manipulating specific parameters. The vulnerable parameters are showposts, sortby, and sortorder.

Recommendations: For WoltLab Burning Board (wBB) Lite version 1.0.2 pl3e, consider restricting access to the search.php file until a patch is available. As a temporary workaround, avoid using the showposts, sortby, and sortorder parameters in the search functionality to minimize the risk of exploitation.

Exploit

Fix

RCE

SQL injection

Weakness Enumeration

Related Identifiers

CVE-2007-6518

Affected Products

Woltlab Burning Board (Wbb) Lite