|
|
CVE Reference: CVE-2006-3775 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-3775 |
|
|
Description: SQL injection vulnerability in the init function in class_session.php in MyBB (aka MyBulletinBoard) 1.1.5 allows remote attackers to execute arbitrary SQL commands via the CLIENT-IP HTTP header ($_SERVER['HTTP_CLIENT_IP'] variable), as utilized by index.php. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/27752 SREASON http://securityreason.com/securityalert/1262 SAID Secunia Advisory: SA21070 MISC http://retrogod.altervista.org/mybb_115_sql.html CONFIRM http://www.mybboard.com/archive.php?nid=16 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/440163/100/0/threaded |
|
| Return to the previous page. |
