Filtered by vendor Woltlab Subscriptions

Search

Switch to Advanced Search (Beta)
Total 46 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2006-0927 2 Jgs-xa, Woltlab 2 Jgs-gallery Addon, Burning Board 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the JGS-XA JGS-Gallery Addon 4.0.0 and earlier for Woltlab Burning Board (wBB) 2.x allow remote attackers to inject arbitrary web script or HTML via the (1) userid parameter in (a) jgs_galerie_slideshow.php and (b) jgs_galerie_scroll.php, and the (2) katid parameter in (c) jgs_galerie_slideshow.php.
CVE-2005-1327 1 Woltlab 1 Burning Board 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in pms.php for Woltlab Burning Board 2.3.1 PL2 and earlier allows remote attackers to inject arbitrary web script or HTML via the folderid parameter.
CVE-2002-1505 1 Woltlab 1 Burning Board 2025-04-03 N/A
SQL injection vulnerability in board.php for WoltLab Burning Board (wBB) 2.0 RC 1 and earlier allows remote attackers to modify the database and possibly gain privileges via the boardid parameter.
CVE-2002-2021 1 Woltlab 1 Burning Board 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in WoltLab Burning Board (wbboard) 1.1.1 allows remote attackers to inject arbitrary web script or HTML via the message parameter.
CVE-2006-1034 1 Woltlab 1 Burning Board 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Woltlab Burning Board (wBB) allow remote attackers to inject arbitrary web script or HTML via (1) the username parameter to galerie_index.php and possibly (2) galerie_onfly.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. The second vector might not be XSS.
CVE-2006-2569 2 4r Linklist, Woltlab 2 4r Linklist, Burning Board 2025-04-03 N/A
SQL injection vulnerability in links.php in 4R Linklist 1.0 RC2 and earlier, a module for Woltlab Burning Board, allows remote attackers to execute arbitrary SQL commands via the cat parameter.