Description

Unspecified vulnerability in inc/datahandler/user.php in MyBB before 1.2.13 has unknown impact and attack vectors related to the $user['language'] variable, probably related to SQL injection.

Remediation

References

CVE-2008-3070

Related Vulnerabilities

PHP Release of Invalid Pointer or Reference Vulnerability (CVE-2022-31625)

WordPress Plugin Checkout Field Editor for WooCommerce (Pro) Arbitrary File Deletion (3.6.2)

WildFly Application Server Uncontrolled Resource Consumption Vulnerability (CVE-2016-9589)

MySQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2012-5612)

WordPress Plugin YITH WooCommerce Wishlist SQL Injection (2.1.2)

Severity

High

Classification

CVE-2008-3070

Tags

Missing Update Known Vulnerabilities