Back to search
CVE-2010-5096
Published: Aug 13, 2012
Modified: Sep 17, 2024
PUBLISHED
Description
Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) before 1.6.1 allow remote attackers to execute arbitrary SQL commands via the keywords parameter in a (1) do_search action to search.php or (2) do_stuff action to private.php. NOTE: the vendor disputes this issue, saying "Although this doesn't lead to an SQL injection, it does provide a general MyBB SQL error.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
70014
vdb-entry
x_refsource_OSVDB
http://dev.mybb.com/issues/1330
x_refsource_MISC
[oss-security] 20120508 Re: CVE-request: MyBB before 1.6.1
mailing-list
x_refsource_MLIST
70013
vdb-entry
x_refsource_OSVDB
45565
vdb-entry
x_refsource_BID
[oss-security] 20120325 Re: CVE-request: MyBB 1.6 <= SQL Injection
mailing-list
x_refsource_MLIST
[oss-security] 20120508 CVE-request: MyBB before 1.6.1
mailing-list
x_refsource_MLIST
[oss-security] 20120323 CVE-request: MyBB 1.6 <= SQL Injection
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now