Vulnerability Details CVE-2006-0523
SQL injection vulnerability in global.php in MyBB before 1.03 allows remote attackers to execute arbitrary SQL commands via the templatelist variable.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.0%
CVSS Severity
CVSS v2 Score 7.5
References
- http://community.mybboard.net/showthread.php?tid=6418
- http://secunia.com/advisories/18678
- http://www.osvdb.org/22903
- http://www.vupen.com/english/advisories/2006/0400
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24416
- http://community.mybboard.net/showthread.php?tid=6418
- http://secunia.com/advisories/18678
- http://www.osvdb.org/22903
- http://www.vupen.com/english/advisories/2006/0400
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24416
Products affected by CVE-2006-0523
-
cpe:2.3:a:mybulletinboard:mybulletinboard:1.0.1
-
cpe:2.3:a:mybulletinboard:mybulletinboard:1.0.2
-
cpe:2.3:a:mybulletinboard:mybulletinboard:1.0_final
-
cpe:2.3:a:mybulletinboard:mybulletinboard:1.0_pr2
-
cpe:2.3:a:mybulletinboard:mybulletinboard:1.0_preview_release_2
-
cpe:2.3:a:mybulletinboard:mybulletinboard:1.0_rc2
-
cpe:2.3:a:mybulletinboard:mybulletinboard:1.0_rc4