ID CVE-2006-0638
Summary SQL injection vulnerability in moderation.php in MyBB (aka MyBulletinBoard) 1.0.3 allows remote authenticated users, with certain privileges for moderating and merging posts, to execute arbitrary SQL commands via the posts parameter.
References
Vulnerable Configurations
  • cpe:2.3:a:mybulletinboard:mybulletinboard:1.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:mybulletinboard:mybulletinboard:1.0.3:*:*:*:*:*:*:*
CVSS
Base: 6.5 (as of 19-10-2018 - 15:45)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:S/C:P/I:P/A:P
refmap via4
bid 16538
bugtraq 20060207 [myimei]MyBB1.0.3~moderation.php~SqlInject while merging posts
misc http://myimei.com/security/2006-02-07/mybb103moderationphpsqlinject-while-merging-posts.html
osvdb 22957
secunia 18754
vupen ADV-2006-0475
Last major update 19-10-2018 - 15:45
Published 10-02-2006 - 11:02
Last modified 19-10-2018 - 15:45
Back to Top