CVE-2008-0472
published 2008-01-29CVE-2008-0472: Cross-site request forgery (CSRF) vulnerability in modcp.php in Woltlab Burning Board (wBB) 2.3.6 PL2 allows remote attackers to delete threads as moderators…
PriorityP413medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EPSS
0.53%
40.7th percentile
Cross-site request forgery (CSRF) vulnerability in modcp.php in Woltlab Burning Board (wBB) 2.3.6 PL2 allows remote attackers to delete threads as moderators or administrators via a thread_del action.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| woltlab | burning_board | — | — |
| woltlab | burning_board | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-w6p8-2rhg-6vh7: Cross-site request forgery (CSRF) vulnerability in index
ghsa_unreviewed·2022-05-14·CVSS 4.3
CVE-2008-7192 [MEDIUM] CWE-352 GHSA-w6p8-2rhg-6vh7: Cross-site request forgery (CSRF) vulnerability in index
Cross-site request forgery (CSRF) vulnerability in index.php in WoltLab Burning Board (wBB) 3.0.1, and possibly other 3.x versions, allows remote attackers to hijack the authentication of users for requests that delete private messages via the pmID parameter in a delete action in a PM page, a different vulnerability than CVE-2008-0472.
GHSA
GHSA-2jwc-65g4-xvmm: Cross-site request forgery (CSRF) vulnerability in modcp
ghsa_unreviewed·2022-05-01
CVE-2008-0472 [MEDIUM] CWE-352 GHSA-2jwc-65g4-xvmm: Cross-site request forgery (CSRF) vulnerability in modcp
Cross-site request forgery (CSRF) vulnerability in modcp.php in Woltlab Burning Board (wBB) 2.3.6 PL2 allows remote attackers to delete threads as moderators or administrators via a thread_del action.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://secunia.com/advisories/28634http://securityreason.com/securityalert/3586http://www.securityfocus.com/archive/1/486884/100/0/threadedhttps://exchange.xforce.ibmcloud.com/vulnerabilities/39878http://secunia.com/advisories/28634http://securityreason.com/securityalert/3586http://www.securityfocus.com/archive/1/486884/100/0/threadedhttps://exchange.xforce.ibmcloud.com/vulnerabilities/39878
2008-01-29
Published