Vulnerabilities > Mybulletinboard > Mybulletinboard > 1.1.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-05-12 | CVE-2006-2336 | SQL Injection vulnerability in Mybulletinboard 1.1.1 SQL injection vulnerability in showthread.php in MyBB (aka MyBulletinBoard) 1.1.1 allows remote attackers to execute arbitrary SQL commands via the comma parameter. | 6.4 |
2006-05-12 | CVE-2006-2333 | SQL-Injection vulnerability in Mybulletinboard 1.1.1 Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) 1.1.1 allow remote attackers to execute arbitrary SQL commands via the e-mail address when registering for a forum that requires e-mail verification, which is not properly handled in (1) usercp.php and (2) member.php. | 6.4 |
2006-04-29 | CVE-2006-2103 | SQL Injection vulnerability in Mybulletinboard 1.1.1 SQL injection vulnerability in MyBB (MyBulletinBoard) 1.1.1 allows remote authenticated administrators to execute arbitrary SQL commands via the (1) query string ($querystring variable) in (a) admin/adminlogs.php, which is not properly handled by adminfunctions.php; or (2) setid, (3) expand, (4) title, or (5) sid2 parameters to (b) admin/templates.php. | 2.1 |