CVE-2008-0382
22.01.2008, 20:00
Multiple eval injection vulnerabilities in MyBB 1.2.10 and earlier allow remote attackers to execute arbitrary code via the sortby parameter to (1) forumdisplay.php or (2) a results action in search.php.
Vendor | Product | Version |
---|---|---|
mybulletinboard | mybulletinboard | 1.0 |
mybulletinboard | mybulletinboard | 1.0.1 |
mybulletinboard | mybulletinboard | 1.0.2 |
mybulletinboard | mybulletinboard | 1.0.3 |
mybulletinboard | mybulletinboard | 1.0.4 |
mybulletinboard | mybulletinboard | 1.0_pr2:_pr2 |
mybulletinboard | mybulletinboard | 1.1 |
mybulletinboard | mybulletinboard | 1.1.1 |
mybulletinboard | mybulletinboard | 1.1.2 |
mybulletinboard | mybulletinboard | 1.1.3 |
mybulletinboard | mybulletinboard | 1.1.4 |
mybulletinboard | mybulletinboard | 1.1.5 |
mybulletinboard | mybulletinboard | 1.1.7 |
mybulletinboard | mybulletinboard | 1.1.8 |
mybulletinboard | mybulletinboard | 1.2 |
mybulletinboard | mybulletinboard | 1.2.3 |
mybulletinboard | mybulletinboard | 1.2.5 |
mybulletinboard | mybulletinboard | 1.2.10 |
mybulletinboard | mybulletinboard | 1.10 |
𝑥
= Vulnerable software versions
References