2 matches found
CVE-2006-3775
SQL injection vulnerability in the init function in classsession.php in MyBB aka MyBulletinBoard 1.1.5 allows remote attackers to execute arbitrary SQL commands via the CLIENT-IP HTTP header $SERVER'HTTPCLIENTIP' variable, as utilized by index.php...
CVE-2006-3775
Summary: CVE-2006-3775 affects MyBB (MyBulletinBoard) via the init function in class_session.php, version 1.1.5, allowing remote attackers to execute arbitrary SQL commands through the CLIENT-IP HTTP header used by index.php. Related entries extend the issue to MyBB 1.2.3 and earlier (create_sess...