SQL injection vulnerability in search.php for MyBulletinBoard (MyBB) 1.00 Release Candidate 1 through 4 allows remote attackers to execute arbitrary SQL commands via the uid parameter. NOTE: this issue might overlap CVE-2005-0282.
Software | From | Fixed in |
---|---|---|
mybulletinboard / mybulletinboard | 1.00_rc1 | 1.00_rc1.x |
mybulletinboard / mybulletinboard | 1.00_rc2 | 1.00_rc2.x |
mybulletinboard / mybulletinboard | 1.00_rc3 | 1.00_rc3.x |
mybulletinboard / mybulletinboard | 1.00_rc4 | 1.00_rc4.x |