Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4 with Security Patch allow remote malicious users to execute arbitrary SQL commands via the Username field in (1) index.php or (2) member.php, action parameter to (3) search.php or (4) member.php, or (5) polloptions parameter to polls.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mybulletinboard mybulletinboard 1.00_rc4_security_patch |