WowBB <= 1.61 Multiple Flaws Network Vulnerability

Summary

The remote web server contains a PHP application that is prone to multiple flaws. Description : The remote host is running WowBB, a web-based forum written in PHP. According to its version, the remote installation of WowBB is 1.61 or older. Such versions are vulnerable to cross-site scripting and SQL injection attacks. A malicious user can steal users' cookies, including authentication cookies, and manipulate SQL queries.

Solution

Unknown at this time.

References

http://www.maxpatrol.com/advdetails.asp?id=7

Updated on 2015-03-25

Severity

Classification

CVE CVE-2004-2180, CVE-2004-2181
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

ArticleFR CMS 'id' Parameter SQL Injection Vulnerability
AlienVault OSSIM 'date_from' Parameter Multiple SQL Injection Vulnerabilities
Adobe ColdFusion Authentication Bypass Vulnerability
AlefMentor Multiple SQL Injection Vulnerabilities
AlstraSoft AskMe Pro 'forum_answer.php' and 'profile.php' Multiple SQL Injection Vulnerabilities

WowBB <= 1.61 multiple flaws

Take action and discover your vulnerabilities