SQL injection vulnerability in links.php in 4R Linklist 1.0 RC2 and earlier, a module for Woltlab Burning Board, allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| woltlab | burning_board | 2.0_beta_4 |
| woltlab | burning_board | 2.0_rc2 |
| woltlab | burning_board | 2.3.3 |
| woltlab | burning_board | 2.3.4 |
| woltlab | burning_board | 2.0_rc1 |
| woltlab | burning_board | 2.0_beta_3 |
| woltlab | burning_board | 2.2.2 |
| 4r_linklist | 4r_linklist | * |
| woltlab | burning_board | 2.0_beta_5 |
| woltlab | burning_board | 2.3.1 |