Vulnerabilities > CVE-2005-1833 - Unspecified vulnerability in Mybulletinboard

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

mybulletinboard

exploit available

NVD

Published: 2005-05-31

Updated: 2024-11-20

Summary

Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4 allow remote attackers to execute arbitrary SQL commands via the (1) eid parameter to calendar.php, (2) idsql parameter to online.php, (3) usersearch parameter to memberlist.php, (4) pid parameter to editpost.php, (5) fid parameter to forumdisplay.php, (6) tid parameter to newreply.php, (7) sid parameter to search.php, (8) tid or (9) pid parameter to showthread.php, (10) tid parameter to usercp2.php, (11) tid parameter to printthread.php, or (12) pid parameter to reputation.php.

Vulnerable Configurations

Part	Description	Count
Application	Mybulletinboard Mybulletinboard Mybulletinboard *	1

Exploit-Db

description	MyBulletinBoard (MyBB) <= 1.00 RC4 SQL Injection Exploit. CVE-2005-1833. Webapps exploit for php platform
id	EDB-ID:1022
last seen	2016-01-31
modified	2005-05-31
published	2005-05-31
reporter	Alberto Trivero
source	https://www.exploit-db.com/download/1022/
title	MyBulletinBoard MyBB <= 1.00 RC4 SQL Injection Exploit

Summary

Vulnerable Configurations

Exploit-Db

References