Description

SQL injection vulnerability in misc.php in MyBB (aka MyBulletinBoard) before 1.4.1 allows remote attackers to execute arbitrary SQL commands via a certain editor field.

Remediation

References

CVE-2008-3965

Related Vulnerabilities

Joomla Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-11322)

osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14750)

e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-8098)

phpMyAdmin Other Vulnerability (CVE-2006-1803)

WordPress Plugin Front File Manager 'upload.php' Arbitrary File Upload (0.1)

Severity

High

Classification

CVE-2008-3965 CWE-138

Tags

Missing Update Known Vulnerabilities