Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
MyBB Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2012-2324 - Vulnerability Database
MyBB

MyBB Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2012-2324

High
Reference: CVE-2012-2324
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2012-2324
Title: MyBB Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Overview:

Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) before 1.6.7 allow remote administrators to execute arbitrary SQL commands via unspecified vectors in the (1) user search or (2) Mail Log in the Admin Control Panel (ACP).