Description
Unspecified vulnerability in inc/datahandler/user.php in MyBB before 1.2.13 has unknown impact and attack vectors related to the $user['language'] variable, probably related to SQL injection.
Remediation
References
Related Vulnerabilities
WordPress Plugin SS Downloads Multiple Cross-Site Scripting Vulnerabilities (1.4.4.1)
ownCloud Other Vulnerability (CVE-2012-5057)
WordPress Plugin Contus HD FLV Player 'process-sortable.php' SQL Injection (1.3)
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-11327)