WEB APPLICATION VULNERABILITIES Standard & Premium

MyBB Other Vulnerability (CVE-2007-2212)

Description

Multiple SQL injection vulnerabilities in calendar.php in MyBB (aka MyBulletinBoard) 1.2.5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) year or (2) month parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Remediation

References

Related Vulnerabilities

Internet Information Services Integer Overflow or Wraparound Vulnerability (CVE-2008-1446)

WordPress Other Vulnerability (CVE-2007-3544)

WordPress URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-4048)

WordPress Plugin All-in-One WP Migration Multiple Cross-Site Request Forgery Vulnerabilities (7.1)

WordPress Plugin Content text slider on post Cross-Site Scripting (6.8)

Severity

High

Classification

CVE-2007-2212

Tags

Missing Update Known Vulnerabilities