Description

SQL injection vulnerability in the User Inline Moderation feature in the Admin Control Panel (ACP) in MyBB (aka MyBulletinBoard) before 1.6.7 allows remote administrators to execute arbitrary SQL commands via unspecified vectors.

Remediation

References

CVE-2012-2325

Related Vulnerabilities

WordPress Plugin wpDataTables-WordPress Tables & Table Charts Arbitrary File Upload (1.5.3)

WordPress Plugin UpdraftPlus WordPress Backup Cross-Site Scripting (1.13.4)

WordPress 2.8.2 Multiple Security Bypass Vulnerabilities (2.0 - 2.8.2)

Sqlite Integer Overflow or Wraparound Vulnerability (CVE-2018-20346)

Python Out-of-bounds Write Vulnerability (CVE-2019-12900)

Severity

High

Classification

CVE-2012-2325 CWE-138

Tags

Missing Update Known Vulnerabilities