Description

SQL injection vulnerability in the moderation tool in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to execute arbitrary SQL commands via unspecified vectors.

Remediation

References

CVE-2016-9402

Related Vulnerabilities

Oracle Database Server CVE-2009-1979 Vulnerability (CVE-2009-1979)

WordPress Plugin Poll, Survey, Form & Quiz Maker by OpinionStage Unspecified Vulnerability (15.0.0)

WordPress Plugin Caldera Forms-More Than Contact Forms Cross-Site Scripting (1.4.1)

WordPress Plugin Responsive Poll Security Bypass (1.3.4)

Oracle Database Server CVE-2006-0283 Vulnerability (CVE-2006-0283)

Severity

Critical

Classification

CVE-2016-9402 CWE-138 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities