Vulnerability Details CVE-2005-2697
SQL injection vulnerability in search.php for MyBulletinBoard (MyBB) 1.00 Release Candidate 1 through 4 allows remote attackers to execute arbitrary SQL commands via the uid parameter. NOTE: this issue might overlap CVE-2005-0282.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 62.2%
CVSS Severity
CVSS v2 Score 7.5
References
Products affected by CVE-2005-2697
-
cpe:2.3:a:mybulletinboard:mybulletinboard:1.00_rc1
-
cpe:2.3:a:mybulletinboard:mybulletinboard:1.00_rc2
-
cpe:2.3:a:mybulletinboard:mybulletinboard:1.00_rc3
-
cpe:2.3:a:mybulletinboard:mybulletinboard:1.00_rc4