CVE-2005-2580

Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4 with Security Patch allow remote attackers to execute arbitrary SQL commands via the Username field in (1) index.php or (2) member.php, action parameter to (3) search.php or (4) member.php, or (5) polloptions parameter to polls.php.
Configurations

Configuration 1 (hide)

cpe:2.3:a:mybulletinboard:mybulletinboard:1.00_rc4_security_patch:*:*:*:*:*:*:*

History

20 Nov 2024, 23:59

Type Values Removed Values Added
References () http://marc.info/?l=bugtraq&m=112387501519835&w=2 - () http://marc.info/?l=bugtraq&m=112387501519835&w=2 -
References () http://www.securityfocus.com/bid/14553 - () http://www.securityfocus.com/bid/14553 -

Information

Published : 2005-08-16 04:00

Updated : 2024-11-20 23:59


NVD link : CVE-2005-2580

Mitre link : CVE-2005-2580

CVE.ORG link : CVE-2005-2580


JSON object : View

Products Affected

mybulletinboard

  • mybulletinboard