Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) before 1.6.1 allow remote attackers to execute arbitrary SQL commands via the keywords parameter in a (1) do_search action to search.php or (2) do_stuff action to private.php. NOTE: the vendor disputes this issue, saying "Although this doesn't lead to an SQL injection, it does provide a general MyBB SQL error.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2022-10-03T16:21:03
Updated: 2024-06-04T18:44:49.399Z
Reserved: 2022-10-03T00:00:00
Link: CVE-2010-5096
JSON object: View
NVD Information
Status : Modified
Published: 2012-08-13T23:55:00.850
Modified: 2024-06-04T19:16:52.920
Link: CVE-2010-5096
JSON object: View
Redhat Information
No data.
CWE