CVE-2008-0382

Multiple eval injection vulnerabilities in MyBB 1.2.10 and earlier allow remote attackers to execute arbitrary code via the sortby parameter to (1) forumdisplay.php or (2) a results action in search.php.
Code Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 98%
VendorProductVersion
mybulletinboardmybulletinboard
1.0
mybulletinboardmybulletinboard
1.0.1
mybulletinboardmybulletinboard
1.0.2
mybulletinboardmybulletinboard
1.0.3
mybulletinboardmybulletinboard
1.0.4
mybulletinboardmybulletinboard
1.0_pr2:_pr2
mybulletinboardmybulletinboard
1.1
mybulletinboardmybulletinboard
1.1.1
mybulletinboardmybulletinboard
1.1.2
mybulletinboardmybulletinboard
1.1.3
mybulletinboardmybulletinboard
1.1.4
mybulletinboardmybulletinboard
1.1.5
mybulletinboardmybulletinboard
1.1.7
mybulletinboardmybulletinboard
1.1.8
mybulletinboardmybulletinboard
1.2
mybulletinboardmybulletinboard
1.2.3
mybulletinboardmybulletinboard
1.2.5
mybulletinboardmybulletinboard
1.2.10
mybulletinboardmybulletinboard
1.10
𝑥
= Vulnerable software versions