Description

SQL injection vulnerability in the User Inline Moderation feature in the Admin Control Panel (ACP) in MyBB (aka MyBulletinBoard) before 1.6.7 allows remote administrators to execute arbitrary SQL commands via unspecified vectors.

Remediation

References

CVE-2012-2325

Related Vulnerabilities

WordPress Plugin cformsII Multiple Cross-Site Scripting Vulnerabilities (14.13.2)

Ruby on Rails Improper Input Validation Vulnerability (CVE-2013-0156)

WordPress Plugin TheThe Layout Grid Cross-Site Scripting (1.0.0)

Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-7136)

Apache HTTP Server Numeric Errors Vulnerability (CVE-2006-3747)

Severity

High

Classification

CVE-2012-2325 CWE-138

Tags

Missing Update Known Vulnerabilities