Vulnerability Details CVE-2009-2230
SQL injection vulnerability in inc/datahandlers/user.php in MyBB (aka MyBulletinBoard) before 1.4.7 allows remote authenticated users to execute arbitrary SQL commands via the birthdayprivacy parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.016
EPSS Ranking 80.7%
CVSS Severity
CVSS v2 Score 7.5
References
- http://blog.mybboard.net/2009/06/15/mybb-147-released-security-update/
- http://mybboard.net/download/104
- http://secunia.com/advisories/35517
- http://www.exploit-db.com/exploits/9001
- http://www.securityfocus.com/bid/35458
- http://www.vupen.com/english/advisories/2009/1653
- http://blog.mybboard.net/2009/06/15/mybb-147-released-security-update/
- http://mybboard.net/download/104
- http://secunia.com/advisories/35517
- http://www.exploit-db.com/exploits/9001
- http://www.securityfocus.com/bid/35458
- http://www.vupen.com/english/advisories/2009/1653
Products affected by CVE-2009-2230
-
cpe:2.3:a:mybulletinboard:mybulletinboard:*
-
cpe:2.3:a:mybulletinboard:mybulletinboard:1.0
-
cpe:2.3:a:mybulletinboard:mybulletinboard:1.0.1
-
cpe:2.3:a:mybulletinboard:mybulletinboard:1.0.2
-
cpe:2.3:a:mybulletinboard:mybulletinboard:1.0.3
-
cpe:2.3:a:mybulletinboard:mybulletinboard:1.0.4
-
cpe:2.3:a:mybulletinboard:mybulletinboard:1.1
-
cpe:2.3:a:mybulletinboard:mybulletinboard:1.1.2
-
cpe:2.3:a:mybulletinboard:mybulletinboard:1.1.3
-
cpe:2.3:a:mybulletinboard:mybulletinboard:1.1.4
-
cpe:2.3:a:mybulletinboard:mybulletinboard:1.1.5
-
cpe:2.3:a:mybulletinboard:mybulletinboard:1.1.6
-
cpe:2.3:a:mybulletinboard:mybulletinboard:1.1.7
-
cpe:2.3:a:mybulletinboard:mybulletinboard:1.1.8
-
cpe:2.3:a:mybulletinboard:mybulletinboard:1.2
-
cpe:2.3:a:mybulletinboard:mybulletinboard:1.2.10
-
cpe:2.3:a:mybulletinboard:mybulletinboard:1.2.11
-
cpe:2.3:a:mybulletinboard:mybulletinboard:1.2.3
-
cpe:2.3:a:mybulletinboard:mybulletinboard:1.2.5
-
cpe:2.3:a:mybulletinboard:mybulletinboard:1.4.2
-
cpe:2.3:a:mybulletinboard:mybulletinboard:1.4.3
-
cpe:2.3:a:mybulletinboard:mybulletinboard:1.4.5