Vulnerabilities > Mybulletinboard > Mybulletinboard > 1.2.11
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-06-26 | CVE-2009-2230 | SQL Injection vulnerability in Mybulletinboard SQL injection vulnerability in inc/datahandlers/user.php in MyBB (aka MyBulletinBoard) before 1.4.7 allows remote authenticated users to execute arbitrary SQL commands via the birthdayprivacy parameter. | 7.5 |
| 2008-02-15 | CVE-2008-0787 | SQL Injection vulnerability in Mybulletinboard SQL injection vulnerability in inc/datahandlers/pm.php in MyBB before 1.2.12 allows remote authenticated users to execute arbitrary SQL commands via the options[disablesmilies] parameter to private.php. | 6.5 |