Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-7192


Vulnerability Score 6.8 6.8
CVE Id CVE-2008-7192
Last Modified 28 Sep 2009 12:00:00
Published 09 Sep 2009 03:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Cross-site request forgery (CSRF) vulnerability in index.php in WoltLab Burning Board (wBB) 3.0.1, and possibly other 3.x versions, allows remote attackers to hijack the authentication of users for requests that delete private messages via the pmID parameter in a delete action in a PM page, a different vulnerability than CVE-2008-0472.

Vulnerable Systems


  • Woltlab Burning Board 3.0.1


XF - wbb-index-csrf(39990)

BUGTRAQ - 20080126 WoltLab Burning Board 3.x.x Private Message Delete XSRF Vulnerability

Last Updated: 27 May 2016 10:49:30