Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2008-0787

Опубликовано: 15 фев. 2008
Источник: nvd
CVSS2: 6.5
EPSS Низкий

Описание

SQL injection vulnerability in inc/datahandlers/pm.php in MyBB before 1.2.12 allows remote authenticated users to execute arbitrary SQL commands via the options[disablesmilies] parameter to private.php.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mybulletinboard:mybulletinboard:1.0:*:*:*:*:*:*:*
cpe:2.3:a:mybulletinboard:mybulletinboard:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mybulletinboard:mybulletinboard:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mybulletinboard:mybulletinboard:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mybulletinboard:mybulletinboard:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mybulletinboard:mybulletinboard:1.0_pr2:*:*:*:*:*:*:*
cpe:2.3:a:mybulletinboard:mybulletinboard:1.1:*:*:*:*:*:*:*
cpe:2.3:a:mybulletinboard:mybulletinboard:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:mybulletinboard:mybulletinboard:1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:mybulletinboard:mybulletinboard:1.1.3:*:*:*:*:*:*:*
cpe:2.3:a:mybulletinboard:mybulletinboard:1.1.4:*:*:*:*:*:*:*
cpe:2.3:a:mybulletinboard:mybulletinboard:1.1.5:*:*:*:*:*:*:*
cpe:2.3:a:mybulletinboard:mybulletinboard:1.1.6:*:*:*:*:*:*:*
cpe:2.3:a:mybulletinboard:mybulletinboard:1.1.7:*:*:*:*:*:*:*
cpe:2.3:a:mybulletinboard:mybulletinboard:1.1.8:*:*:*:*:*:*:*
cpe:2.3:a:mybulletinboard:mybulletinboard:1.2:*:*:*:*:*:*:*
cpe:2.3:a:mybulletinboard:mybulletinboard:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:mybulletinboard:mybulletinboard:1.2.5:*:*:*:*:*:*:*
cpe:2.3:a:mybulletinboard:mybulletinboard:1.2.10:*:*:*:*:*:*:*
cpe:2.3:a:mybulletinboard:mybulletinboard:1.2.11:*:*:*:*:*:*:*
cpe:2.3:a:mybulletinboard:mybulletinboard:1.10:*:*:*:*:*:*:*
cpe:2.3:a:mybulletinboard:mybulletinboard:rc1:*:*:*:*:*:*:*
cpe:2.3:a:mybulletinboard:mybulletinboard:rc2:*:*:*:*:*:*:*
cpe:2.3:a:mybulletinboard:mybulletinboard:rc3:*:*:*:*:*:*:*
cpe:2.3:a:mybulletinboard:mybulletinboard:rc4:*:*:*:*:*:*:*

EPSS

Процентиль: 81%
0.0163
Низкий

6.5 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

github логотип

GHSA-9m3m-gpf3-gvw3

github
почти 4 года назад

SQL injection vulnerability in inc/datahandlers/pm.php in MyBB before 1.2.12 allows remote authenticated users to execute arbitrary SQL commands via the options[disablesmilies] parameter to private.php.

EPSS

Процентиль: 81%
0.0163
Низкий

6.5 Medium

CVSS2

Дефекты

CWE-89