Description
Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) before 1.6.7 allow remote administrators to execute arbitrary SQL commands via unspecified vectors in the (1) user search or (2) Mail Log in the Admin Control Panel (ACP).
Remediation
References
Related Vulnerabilities
WordPress 2.3.2 Post Edit Unauthorized Access Vulnerability (0.7 - 2.3.2)
WordPress Plugin Page Builder:Live Composer Cross-Site Scripting (1.5.22)
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2018-8011)
Atlassian Jira CVE-2019-20404 Vulnerability (CVE-2019-20404)
WordPress Plugin Child Theme Creator by Orbisius Arbitrary File Modification (1.2.6)