CVE-2006-0959

Published: 02/03/2006 Updated: 18/10/2018
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 760
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

SQL injection vulnerability in misc.php in MyBulletinBoard (MyBB) 1.03, when register_globals is enabled, allows remote malicious users to execute arbitrary SQL commands by setting the comma variable value via the comma parameter in a cookie. NOTE: 1.04 has also been reported to be affected.

Vulnerable Product

mybulletinboard mybulletinboard 1.0.3

mybulletinboard mybulletinboard 1.0.4

Exploits

#!/usr/bin/perl -w
# MyBB <= 1.04 (misc.php COMMA) Remote SQL Injection Exploit 2 , Perl C0d3
#
# Milw0rm ID :-
# www.milw0rm.com/auth.php?id=1539
# D3vil-0x1 | Devil-00 < BlackHat > :)
#
# DONT FORGET TO DO YOUR CONFIG !!
# DONT FORGET TO DO YOUR CONFIG !!
# DONT FORGET TO DO YOUR CONFIG !!
use IO::Socket;
##-- Start --#
$host ...

MyBB New SQL Injection
D3vil-0x1 < Devil-00 >
Milw0rm ID :- www.milw0rm.com/auth.php?id=1320
The InfFile :- misc.php
Linez :-
[code]
$buddies = $mybb->user['buddylist'];
$namesarray = explode(",",$buddies);
if(is_array($namesarray))
{
    while(list($key, $buddyid) = each($namesarray))
    {
        $sql = "$comma'$buddyid'" ...
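
The pattern in the excerpt above, reduced to a stand-alone PHP example that is added here and is not MyBB's code or its actual patch: a separator variable that is used before it is assigned, beside a hardened form that initialises it and accepts only integer ids. Assumptions: the function names, the `extract()` call standing in for register_globals (which was removed in PHP 5.4.0), the marker cookie value, and the query shape are all constructed for illustration.

```php
<?php
// Added illustration, not MyBB source. $requestVars stands in for what
// register_globals did: each request variable (cookies included) becomes a
// script variable before the script's own code runs.

function in_list_vulnerable(string $buddylist, array $requestVars): string
{
    extract($requestVars, EXTR_SKIP);
    $sql = '';
    foreach (explode(',', $buddylist) as $buddyid) {
        // $comma is never assigned before its first use, so on the first
        // pass it holds whatever the request supplied. (The ?? only silences
        // the undefined-variable warning of current PHP.)
        $sql .= ($comma ?? '') . "'$buddyid'";
        $comma = ',';
    }
    return $sql;
}

function in_list_hardened(string $buddylist, array $requestVars): string
{
    extract($requestVars, EXTR_SKIP);   // same hostile environment
    $sql = '';
    $comma = '';                        // explicit initialisation overwrites the injected value
    foreach (explode(',', $buddylist) as $buddyid) {
        if (!ctype_digit($buddyid)) {
            continue;                   // user ids are integers; drop anything else
        }
        $sql .= $comma . (int) $buddyid;
        $comma = ',';
    }
    return $sql;
}

// Constructed inputs: a stored buddy list and a cookie named "comma" that
// carries a harmless marker instead of SQL.
$buddylist = '2,5,9';
$cookie = ['comma' => 'REQUEST_CONTROLLED_TEXT '];

// Constructed query shape; table and column names are hypothetical.
$template = "SELECT username FROM users WHERE uid IN (%s)\n";
printf($template, in_list_vulnerable($buddylist, $cookie));
printf($template, in_list_hardened($buddylist, $cookie));
```

The first query printed carries the cookie's marker unquoted inside `IN (...)`, while the second contains only the integer ids. Code reviews for this bug class should flag any variable that is read before its first assignment in scripts that may run with register_globals enabled.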