Vulnerabilities > CVE-2007-2211 - Unspecified vulnerability in Mybulletinboard
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN mybulletinboard
exploit available
Summary
SQL injection vulnerability in calendar.php in MyBB (aka MyBulletinBoard) 1.2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the day parameter in a dayview action.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | MyBulletinBoard (MyBB) <= 1.2.5 calendar.php Blind SQL Injection Exploit. CVE-2007-2211,CVE-2007-2212. Webapps exploit for php platform |
| file | exploits/php/webapps/3780.pl |
| id | EDB-ID:3780 |
| last seen | 2016-01-31 |
| modified | 2007-04-23 |
| platform | php |
| port | |
| published | 2007-04-23 |
| reporter | 0x86 |
| source | https://www.exploit-db.com/download/3780/ |
| title | MyBulletinBoard MyBB <= 1.2.5 calendar.php Blind SQL Injection Exploit |
| type | webapps |
References
- http://secunia.com/advisories/24967
- http://secunia.com/advisories/24967
- http://www.securityfocus.com/bid/23612
- http://www.securityfocus.com/bid/23612
- http://www.vupen.com/english/advisories/2007/1510
- http://www.vupen.com/english/advisories/2007/1510
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33814
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33814
- https://www.exploit-db.com/exploits/3780
- https://www.exploit-db.com/exploits/3780