Vulnerabilities

CVE-2006-0959

by Fred · 02/03/2006

SQL injection vulnerability in misc.php in MyBulletinBoard (MyBB) 1.03, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands by setting the comma variable value via the comma parameter in a cookie. NOTE: 1.04 has also been reported to be affected.

Date published : 2006-03-02

http://www.securityfocus.com/bid/16631

http://www.securityfocus.com/archive/1/426320/100/0/threaded

Similar

Tags: Cybersecurity Alert