Vulnerability Details : CVE-2006-3758
inc/init.php in Archive Mode (Light) in MyBB (aka MyBulletinBoard) 1.1.4 calls the extract function with EXTR_OVERWRITE on HTTP POST and GET variables, which allows remote attackers to overwrite arbitrary variables, as demonstrated via an SQL injection using the _SERVER[HTTP_CLIENT_IP] parameter in archive/index.php.
Vulnerability category: Sql Injection
Exploit prediction scoring system (EPSS) score for CVE-2006-3758
1.33%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 86 %
Percentile, the proportion of vulnerabilities that are scored at or less