Description
MyBB 1.8.31 has a SQL injection vulnerability in the Admin CP's Users module allows remote authenticated users to modify the query string via direct user input or stored search filter settings.
Remediation
References
Related Vulnerabilities
Magento Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-7888)
Ruby on Rails Improper Verification of Intent by Broadcast Receiver Vulnerability (CVE-2026-33173)
Drupal Other Vulnerability (CVE-2002-1806)
Django Improper Handling of Length Parameter Inconsistency Vulnerability (CVE-2024-39614)