SQL injection vulnerability in usercp.php in MyBulletinBoard (MyBB) allows remote attackers to execute arbitrary SQL commands via the awayday parameter.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Mybulletinboard | Mybulletinboard | 1.0_pr2 (including) | 1.0_pr2 (including) |
| Mybulletinboard | Mybulletinboard | rc4 (including) | rc4 (including) |
References
- http://community.mybboard.net/showthread.php?tid=4507\u0026pid=27223#pid27223
- http://www.osvdb.org/20700
- http://www.securityfocus.com/archive/1/414672
- http://www.securityfocus.com/bid/15204
- http://community.mybboard.net/showthread.php?tid=4507\u0026pid=27223#pid27223
- http://www.osvdb.org/20700
- http://www.securityfocus.com/archive/1/414672
- http://www.securityfocus.com/bid/15204