• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

MyBB 'moderation.php' Multiple SQL Injection Vulnerabilities

Bugtraq ID:	27323
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Jan 16 2008 12:00AM
Updated:	Jan 17 2008 01:59AM
Credit:	Janek Vind "waraxe" is credited with the discovery of these vulnerabilities.
Vulnerable:	MyBulletinBoard MyBulletinBoard 1.2.10 MyBulletinBoard MyBulletinBoard 1.2.5 MyBulletinBoard MyBulletinBoard 1.2.3 MyBulletinBoard MyBulletinBoard 1.1.8 MyBulletinBoard MyBulletinBoard 1.1.7 MyBulletinBoard MyBulletinBoard 1.1.7 MyBulletinBoard MyBulletinBoard 1.1.6 MyBulletinBoard MyBulletinBoard 1.1.5 MyBulletinBoard MyBulletinBoard 1.1.4 MyBulletinBoard MyBulletinBoard 1.1.3 MyBulletinBoard MyBulletinBoard 1.1.2 MyBulletinBoard MyBulletinBoard 1.1.2 MyBulletinBoard MyBulletinBoard 1.1.1 MyBulletinBoard MyBulletinBoard 1.1 MyBulletinBoard MyBulletinBoard 1.0.4 MyBulletinBoard MyBulletinBoard 1.0.3 MyBulletinBoard MyBulletinBoard 1.0.2 MyBulletinBoard MyBulletinBoard 1.0.1 MyBulletinBoard MyBulletinBoard 1.0 PR2 MyBulletinBoard MyBulletinBoard 1.0 MyBulletinBoard MyBulletinBoard RC4 MyBulletinBoard MyBulletinBoard RC3 MyBulletinBoard MyBulletinBoard RC2 MyBulletinBoard MyBulletinBoard RC1 MyBulletinBoard MyBulletinBoard 1.2 MyBulletinBoard MyBulletinBoard 1.10
Not Vulnerable:	MyBulletinBoard MyBulletinBoard 1.2.11