CVE-2006-0638

Published: Feb 10, 2006Modified: Apr 16, 2026

6.5

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability: 8.0 / Impact: 6.4

Source: NVD

Description

SQL injection vulnerability in moderation.php in MyBB (aka MyBulletinBoard) 1.0.3 allows remote authenticated users, with certain privileges for moderating and merging posts, to execute arbitrary SQL commands via the posts parameter.

Affected (1)

Products: Mybulletinboard: Mybulletinboard

Mybulletinboard

1 product

Mybulletinboard

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Mybulletinboard Mybulletinboard	Version 1.0.3

References (12)

http://myimei.com/security/2006-02-07/mybb103moderationphpsqlinject-while-merging-posts.html

Source: cve@mitre.org

ExploitVendor Advisory

http://secunia.com/advisories/18754

Source: cve@mitre.org

http://www.osvdb.org/22957

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/424335/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/16538

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/0475

Source: cve@mitre.org

http://myimei.com/security/2006-02-07/mybb103moderationphpsqlinject-while-merging-posts.html