CVE-2006-1912
The CVE-2006-1912 issue affects MyBB 1.1.0 where the constant KILL_GLOBAL is not set in global.php and inc/init.php. This allows a remote attacker to initialize arbitrary variables processed by an @extract, which could be leveraged to perform cross-site scripting (XSS) or SQL injection. Multiple ...