Description
SQL injection vulnerability in the create_session function in class_session.php in MyBB (aka MyBulletinBoard) 1.2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Client-IP HTTP header, as utilized by index.php, a related issue to CVE-2006-3775.
Remediation
References
Related Vulnerabilities
Jenkins Other Vulnerability (CVE-2015-5319)
WordPress Plugin Simple Job Board Directory Traversal (2.9.3)
WordPress Plugin User Verification Security Bypass (1.0.93)
WordPress Plugin WP Live Chat Support Pro Unspecified Vulnerability (8.0.07)
Apache Traffic Server CVE-2023-44487 Vulnerability (CVE-2023-44487)