CVE-2006-0959
SQL injection vulnerability in misc.php in MyBulletinBoard MyBB 1.03, when registerglobals is enabled, allows remote attackers to execute arbitrary SQL commands by setting the comma variable value via the comma parameter in a cookie. NOTE: 1.04 has also been reported to be affected...