Lucene search

[email protected]CVE-2006-0638

HistoryFeb 10, 2006 - 11:02 a.m.

CVE-2006-0638

2006-02-1011:02:00

[email protected]

web.nvd.nist.gov

mybb

sql injection

cve-2006-0638

nvd

vulnerability

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

8 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.0%

JSON

SQL injection vulnerability in moderation.php in MyBB (aka MyBulletinBoard) 1.0.3 allows remote authenticated users, with certain privileges for moderating and merging posts, to execute arbitrary SQL commands via the posts parameter.

Affected configurations

NVD

Node

mybulletinboardmybulletinboardMatch1.0.3

CPENameOperatorVersion
mybulletinboard:mybulletinboardmybulletinboardeq1.0.3

CPE	Name	Operator	Version
mybulletinboard:mybulletinboard	mybulletinboard	eq	1.0.3

References

myimei.com/security/2006-02-07/mybb103moderationphpsqlinject-while-merging-posts.html

secunia.com/advisories/18754

www.osvdb.org/22957

www.securityfocus.com/archive/1/424335/100/0/threaded

www.securityfocus.com/bid/16538

www.vupen.com/english/advisories/2006/0475

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

8 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.0%

JSON

Related for CVE-2006-0638

nvd1 cvelist1 prion1