Lucene search

[email protected]CVE-2006-0638

HistoryFeb 10, 2006 - 11:02 a.m.

CVE-2006-0638

2006-02-1011:02:00

[email protected]

web.nvd.nist.gov

mybb

sql injection

cve-2006-0638

nvd

vulnerability

8 High

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

77.9%

JSON

SQL injection vulnerability in moderation.php in MyBB (aka MyBulletinBoard) 1.0.3 allows remote authenticated users, with certain privileges for moderating and merging posts, to execute arbitrary SQL commands via the posts parameter.

Affected configurations

NVD

Node

mybulletinboardmybulletinboardMatch1.0.3

CPENameOperatorVersion
mybulletinboard:mybulletinboardmybulletinboardeq1.0.3

CPE	Name	Operator	Version
mybulletinboard:mybulletinboard	mybulletinboard	eq	1.0.3

References

myimei.com/security/2006-02-07/mybb103moderationphpsqlinject-while-merging-posts.html

secunia.com/advisories/18754

www.osvdb.org/22957

www.securityfocus.com/archive/1/424335/100/0/threaded

www.securityfocus.com/bid/16538

www.vupen.com/english/advisories/2006/0475

8 High

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

77.9%

JSON

Related for CVE-2006-0638

prion1 cvelist1 nvd1