CVE-2006-0638 : SQL injection vulnerability in moderation.php in MyBB (aka MyBulletinBoard) 1.0.

SQL injection vulnerability in moderation.php in MyBB (aka MyBulletinBoard) 1.0.3 allows remote authenticated users, with certain privileges for moderating and merging posts, to execute arbitrary SQL commands via the posts parameter.

Published 2006-02-10 11:02:00

Updated 2018-10-19 15:45:38

Source MITRE

View at NVD, CVE.org

Vulnerability category: Sql Injection

Products affected by CVE-2006-0638

Mybulletinboard » Mybulletinboard » Version: 1.0.3
cpe:2.3:a:mybulletinboard:mybulletinboard:1.0.3:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2006-0638

EPSS FAQ

0.82%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 73 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2006-0638

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
6.5	MEDIUM	AV:N/AC:L/Au:S/C:P/I:P/A:P	8.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: Single Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

References for CVE-2006-0638

Jump to

Vulnerability Details : CVE-2006-0638

Products affected by CVE-2006-0638

Exploit prediction scoring system (EPSS) score for CVE-2006-0638

CVSS scores for CVE-2006-0638

References for CVE-2006-0638