Description

Unspecified vulnerability in inc/datahandler/user.php in MyBB before 1.2.13 has unknown impact and attack vectors related to the $user['language'] variable, probably related to SQL injection.

Remediation

References

CVE-2008-3070

Related Vulnerabilities

Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2020-25644)

WordPress Plugin The Crawl Rate Tracker 'sbtracking-chart-data.php' SQL Injection (2.0.2)

WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-11620)

Telerik Web UI Inadequate Encryption Strength Vulnerability (CVE-2017-11317)

Magento Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-9588)

Severity

High

Classification

CVE-2008-3070

Tags

Missing Update Known Vulnerabilities