Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
register.php for WoltLab Burning Board (wbboard) 1.1.1 uses a small number of random values for the "code" parameter that is provided to action.php to approve a new registration, along with predictable new user ID's, which allows remote attackers to hijack new user accounts via a brute force attack on the new user ID and the code value.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
WoltLab Burning Board可猜测帐户激活字符串漏洞
Vulnerability Description
WoltLab Burning Board是一款免费基于WEB的论坛程序,由PHP结合MYSQL编写。 WoltLab Burning Board在激活帐户处理上存在漏洞,可导致远程攻击者提交激活URL请求激活帐户。 当用户在WoltLab Burning Board论坛上建立一新帐户时,他们会获得一链接,必须点击此链接才能激活使用新的帐户,不过此链接使用可猜测 格式,任意攻击者可以通过提交类似的激活用户链接请求来激活其他用户的帐户功能。
CVSS Information
N/A
Vulnerability Type
N/A