Description

Unspecified vulnerability in inc/datahandler/user.php in MyBB before 1.2.13 has unknown impact and attack vectors related to the $user['language'] variable, probably related to SQL injection.

Remediation

References

CVE-2008-3070

Related Vulnerabilities

MySQL Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2010-2008)

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2361)

SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-17292)

MySQL CVE-2017-10284 Vulnerability (CVE-2017-10284)

Joomla Improper Input Validation Vulnerability (CVE-2008-4103)

Severity

High

Classification

CVE-2008-3070

Tags

Missing Update Known Vulnerabilities