The remote web server is running a version of MyBB earlier than 1.4.7. Such versions reportedly fail to properly sanitize user-supplied data to the โbirthdayprivacyโ parameter of the โusercp.phpโ script before using it in an SQL query. An attacker could exploit this flaw to access or modify sensitive information.
Binary data 5085.prm
Vendor | Product | Version | CPE |
---|---|---|---|
mybulletinboard | mybulletinboard | cpe:/a:mybulletinboard:mybulletinboard |