CVE-2006-1094 Information

Description

SQL injection vulnerability in Datenbank MOD 2.7 and earlier for Woltlab Burning Board allows remote attackers to execute arbitrary SQL commands via the fileid parameter to (1) info_db.php or (2) database.php.

Reference

http://www.nukedx.com/?viewdoc=17 http://www.osvdb.org/23808 http://www.osvdb.org/23810 http://www.securityfocus.com/archive/1/426583 http://www.securityfocus.com/bid/16914