Lucene search

PRIOn knowledge basePRION:CVE-2006-2103

HistoryApr 29, 2006 - 10:02 a.m.

Sql injection

2006-04-2910:02:00

PRIOn knowledge base

www.prio-n.com

8.7 High

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:S/C:N/I:P/A:N

0.006 Low

EPSS

Percentile

78.3%

JSON

SQL injection vulnerability in MyBB (MyBulletinBoard) 1.1.1 allows remote authenticated administrators to execute arbitrary SQL commands via the (1) query string ($querystring variable) in (a) admin/adminlogs.php, which is not properly handled by adminfunctions.php; or (2) setid, (3) expand, (4) title, or (5) sid2 parameters to (b) admin/templates.php.

CPENameOperatorVersion
mybulletinboardeq1.1.1

CPE	Name	Operator	Version
	mybulletinboard	eq	1.1.1

References

secunia.com/advisories/19865

securityreason.com/securityalert/808

www.osvdb.org/25074

www.osvdb.org/25075

www.securityfocus.com/archive/1/432229/100/0/threaded

www.vupen.com/english/advisories/2006/1566

exchange.xforce.ibmcloud.com/vulnerabilities/26103

8.7 High

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:S/C:N/I:P/A:N

0.006 Low

EPSS

Percentile

78.3%

JSON

Related for PRION:CVE-2006-2103

cve1