CVE-2005-2778

Properties

Published:
01.09.2005
Updated:
20.10.2005
Patch available:
Severity:
High
CVSS vector:
(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N) Approximated
Product:
MyBulletinBoard: MyBulletinBoard
MyBulletinBoard: MyBulletinBoard
MyBulletinBoard: MyBulletinBoard
MyBulletinBoard: MyBulletinBoard

Vulnerability description

SQL injection vulnerability in member.php in MyBulletinBoard (MyBB) allows remote attackers to execute arbitrary SQL statements via the fid parameter.

References:

BUGTRAQ: http://marc.theaimsgroup.com/?l=bugtraq&m=112535137320050&w=2
BID: http://www.securityfocus.com/bid/14684
BUGTRAQ: http://marc.theaimsgroup.com/?l=bugtraq&m=112535137320050&w=2