Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0638

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2006-0638
Last Modified 07 Mar 2011 09:30:29
Published 10 Feb 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2006-0638

Summary

SQL injection vulnerability in moderation.php in MyBB (aka MyBulletinBoard) 1.0.3 allows remote authenticated users, with certain privileges for moderating and merging posts, to execute arbitrary SQL commands via the posts parameter.

Vulnerable Systems

Application

  • Mybulletinboard 1.0.3


References

VUPEN - ADV-2006-0475

BID - 16538

BUGTRAQ - 20060207 [myimei]MyBB1.0.3~moderation.php~SqlInject while merging posts

OSVDB - 22957

SECUNIA - 18754

MISC - http://myimei.com/security/2006-02-07/mybb103moderationphpsqlinject-while-merging-posts.html


Last Updated: 27 May 2016 10:41:44