Unrated severityNVD Advisory· Published Sep 27, 2006· Updated Jun 16, 2026

CVE-2006-5029

Description

SQL injection vulnerability in thread.php in WoltLab Burning Board (wBB) 2.3.x allows remote attackers to obtain the version numbers of PHP, MySQL, and wBB via the page parameter. NOTE: this issue might be a forced SQL error. Also, the original report was disputed by a third party for 2.3.3 and 2.3.4.

Affected products

Woltlab/Burning Board7 versions
cpe:2.3:a:woltlab:burning_board:2.3.0:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:woltlab:burning_board:2.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:woltlab:burning_board:2.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:woltlab:burning_board:2.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:woltlab:burning_board:2.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:woltlab:burning_board:2.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:woltlab:burning_board:2.3.5:*:*:*:*:*:*:*
- (no CPE)range: 2.3.x

Patches

Vulnerability mechanics

References

www.securityfocus.com/archive/1/446743/100/0/threadednvd
www.securityfocus.com/archive/1/446937/100/0/threadednvd
www.securityfocus.com/archive/1/446938/100/100/threadednvd
www.securityfocus.com/archive/1/447069/100/100/threadednvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000