Woltlab Burning Board 2.3.6 Pl2 modcp.php cross-site request forgery

entryeditHistoryDiffjsonxmlCTI

A vulnerability has been found in Woltlab Burning Board 2.3.6 Pl2 (Content Management System) and classified as problematic. This vulnerability affects an unknown code block of the file modcp.php. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field03/16/2015 01:43 PM11/09/2017 09:34 AM
typeContent Management SystemContent Management System
vendorWoltlabWoltlab
nameBurning BoardBurning Board
version2.3.6 Pl22.3.6 Pl2
filemodcp.phpmodcp.php
cwe352 (cross site request forgery)352 (cross site request forgery)
risk11
cvss2_vuldb_basescore4.34.3
cvss2_vuldb_tempscore4.14.1
cvss2_vuldb_avNN
cvss2_vuldb_acMM
cvss2_vuldb_auNN
cvss2_vuldb_ciNN
cvss2_vuldb_iiPP
cvss2_vuldb_aiNN
cvss2_nvd_avNN
cvss2_nvd_acMM
cvss2_nvd_auNN
cvss2_nvd_ciNN
cvss2_nvd_iiPP
cvss2_nvd_aiNN
cvss3_meta_basescore4.34.3
cvss3_meta_tempscore4.24.2
cvss3_vuldb_basescore4.34.3
cvss3_vuldb_tempscore4.24.2
date1201564800 (01/29/2008)1201564800 (01/29/2008)
price_0day$0-$5k$0-$5k
cveCVE-2008-0472CVE-2008-0472
cve_nvd_published12015648001201564800
cve_nvd_summaryCross-site request forgery (CSRF) vulnerability in modcp.php in Woltlab Burning Board (wBB) 2.3.6 PL2 allows remote attackers to delete threads as moderators or administrators via a thread_del action.Cross-site request forgery (CSRF) vulnerability in modcp.php in Woltlab Burning Board (wBB) 2.3.6 PL2 allows remote attackers to delete threads as moderators or administrators via a thread_del action.
xforce3987839878
xforce_titleWoltLab Burning Board modcp.php cross-site request forgeryWoltLab Burning Board modcp.php cross-site request forgery
xforce_identifierwbb-modcp-csrfwbb-modcp-csrf
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_uiRR
locationWebsiteWebsite
cvss2_vuldb_eHH
cvss2_vuldb_rlUU
cvss2_vuldb_rcURUR
cvss3_vuldb_eHH
cvss3_vuldb_rlUU
cvss3_vuldb_rcRR
cvss3_vuldb_prNN
cvss3_vuldb_sUU
cvss3_vuldb_cNN
cvss3_vuldb_iLL
cvss3_vuldb_aNN
urlhttp://www.securityfocus.com/archive/1/archive/1/486884/100/0/threaded
cve_assigned1201564800
secunia28634

Might our Artificial Intelligence support you?

Check our Alexa App!