Description
Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) before 1.6.7 allow remote administrators to execute arbitrary SQL commands via unspecified vectors in the (1) user search or (2) Mail Log in the Admin Control Panel (ACP).
Remediation
References
Related Vulnerabilities
Java Unspesificed Vulnerability (CVE-2018-3150)
OpenSSL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-3736)
WordPress Plugin Leaky Paywall Cross-Site Scripting (4.16.5)
ZenCart Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2024-5762)