Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2888


Vulnerability Score 7.5 7.5
CVE Id CVE-2005-2888
Last Modified 05 Sep 2008 04:52:56
Published 14 Sep 2005 04:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) Preview Release 2 allow remote attackers to execute arbitrary SQL commands via the (1) fid parameter to misc.php or (2) Content-Disposition field in the HTTP header to newreply.php.

Vulnerable Systems


XF - mybb-misc-newreply-sql-injection(22192)

SECUNIA - 16738

BUGTRAQ - 20050907 SQL Injection[2] In MyBB PR2

Last Updated: 27 May 2016 10:40:40