WEB APPLICATION VULNERABILITIES Standard & Premium

MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-27890)

Description

SQL Injection vulnerablity in MyBB before 1.8.26 via theme properties included in theme XML files.

Remediation

References

Related Vulnerabilities

WordPress Plugin Users to CSV Cross-Site Request Forgery (1.4.5)

WordPress Plugin ABASE Multiple Vulnerabilities (2.6)

Python Other Vulnerability (CVE-2006-1542)

MySQL CVE-2013-0385 Vulnerability (CVE-2013-0385)

Joomla! Core 4.x.x Cross-Site Scripting (4.0.0 - 4.2.4)

Severity

High

Classification

CVE-2021-27890 CWE-138 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities