Woltlab Burning Board 2.3.6 Pl2 modcp.php cross-site request forgery

entryeditHistoryDiffjsonxmlCTI

A vulnerability has been found in Woltlab Burning Board 2.3.6 Pl2 (Content Management System) and classified as problematic. This vulnerability affects an unknown code block of the file modcp.php. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field	03/16/2015 01:43 PM	11/09/2017 09:34 AM
type	Content Management System	Content Management System
vendor	Woltlab	Woltlab
name	Burning Board	Burning Board
version	2.3.6 Pl2	2.3.6 Pl2
file	modcp.php	modcp.php
cwe	352 (cross site request forgery)	352 (cross site request forgery)
risk	1	1
cvss2_vuldb_basescore	4.3	4.3
cvss2_vuldb_tempscore	4.1	4.1
cvss2_vuldb_av	N	N
cvss2_vuldb_ac	M	M
cvss2_vuldb_au	N	N
cvss2_vuldb_ci	N	N
cvss2_vuldb_ii	P	P
cvss2_vuldb_ai	N	N
cvss2_nvd_av	N	N
cvss2_nvd_ac	M	M
cvss2_nvd_au	N	N
cvss2_nvd_ci	N	N
cvss2_nvd_ii	P	P
cvss2_nvd_ai	N	N
cvss3_meta_basescore	4.3	4.3
cvss3_meta_tempscore	4.2	4.2
cvss3_vuldb_basescore	4.3	4.3
cvss3_vuldb_tempscore	4.2	4.2
date	1201564800 (01/29/2008)	1201564800 (01/29/2008)
price_0day	$0-$5k	$0-$5k
cve	CVE-2008-0472	CVE-2008-0472
cve_nvd_published	1201564800	1201564800
cve_nvd_summary	Cross-site request forgery (CSRF) vulnerability in modcp.php in Woltlab Burning Board (wBB) 2.3.6 PL2 allows remote attackers to delete threads as moderators or administrators via a thread_del action.	Cross-site request forgery (CSRF) vulnerability in modcp.php in Woltlab Burning Board (wBB) 2.3.6 PL2 allows remote attackers to delete threads as moderators or administrators via a thread_del action.
xforce	39878	39878
xforce_title	WoltLab Burning Board modcp.php cross-site request forgery	WoltLab Burning Board modcp.php cross-site request forgery
xforce_identifier	wbb-modcp-csrf	wbb-modcp-csrf
cvss3_vuldb_av	N	N
cvss3_vuldb_ac	L	L
cvss3_vuldb_ui	R	R
location	Website	Website
cvss2_vuldb_e	H	H
cvss2_vuldb_rl	U	U
cvss2_vuldb_rc	UR	UR
cvss3_vuldb_e	H	H
cvss3_vuldb_rl	U	U
cvss3_vuldb_rc	R	R
cvss3_vuldb_pr	N	N
cvss3_vuldb_s	U	U
cvss3_vuldb_c	N	N
cvss3_vuldb_i	L	L
cvss3_vuldb_a	N	N
url		http://www.securityfocus.com/archive/1/archive/1/486884/100/0/threaded
cve_assigned		1201564800
secunia		28634

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!