Sql injection

2013-12-0418:56:00

PRIOn knowledge base

www.prio-n.com

9.2 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

67.8%

JSON

Multiple SQL injection vulnerabilities in ajaxfs.php in the Ajax forum stat (Ajaxfs) Plugin 2.0 for MyBB (aka MyBulletinBoard) allow remote attackers to execute arbitrary SQL commands via the (1) tooltip or (2) usertooltip parameter.

CPENameOperatorVersion
ajax_forum_stateq2.0

CPE	Name	Operator	Version
	ajax_forum_stat	eq	2.0

References

osvdb.org/100030

packetstormsecurity.com/files/124091/MyBB-Ajaxfs-SQL-Injection.html

seclists.org/bugtraq/2013/Nov/102

www.iedb.ir/exploits-889.html

exchange.xforce.ibmcloud.com/vulnerabilities/89084

www.exploit-db.com/exploits/29797