CVE-2007-1963

2007-04-11T10:19:00
ID CVE-2007-1963
Type cve
Reporter cve@mitre.org
Modified 2018-10-16T16:41:00

Description

SQL injection vulnerability in the create_session function in class_session.php in MyBB (aka MyBulletinBoard) 1.2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Client-IP HTTP header, as utilized by index.php, a related issue to CVE-2006-3775.