CVE-2008-0382

Multiple eval injection vulnerabilities in MyBB 1.2.10 and earlier allow remote attackers to execute arbitrary code via the sortby parameter to (1) forumdisplay.php or (2) a results action in search.php.

Link	Resource
http://www.securityfocus.com/bid/27322
http://secunia.com/advisories/28509	Vendor Advisory
http://securityreason.com/securityalert/3559
https://www.exploit-db.com/exploits/4928
https://www.exploit-db.com/exploits/4927
http://www.securityfocus.com/archive/1/486434/100/0/threaded

Configuration 1

cpe:2.3:a:mybulletinboard:mybulletinboard:1.10:*:*:*:*:*:*:* cpe:2.3:a:mybulletinboard:mybulletinboard:1.1.1:*:*:*:*:*:*:* cpe:2.3:a:mybulletinboard:mybulletinboard:1.2.3:*:*:*:*:*:*:* cpe:2.3:a:mybulletinboard:mybulletinboard:1.0:*:*:*:*:*:*:* cpe:2.3:a:mybulletinboard:mybulletinboard:1.1.8:*:*:*:*:*:*:* cpe:2.3:a:mybulletinboard:mybulletinboard:1.2:*:*:*:*:*:*:* cpe:2.3:a:mybulletinboard:mybulletinboard:1.2.5:*:*:*:*:*:*:* cpe:2.3:a:mybulletinboard:mybulletinboard:1.1.3:*:*:*:*:*:*:* cpe:2.3:a:mybulletinboard:mybulletinboard:1.2.10:*:*:*:*:*:*:* cpe:2.3:a:mybulletinboard:mybulletinboard:1.0.3:*:*:*:*:*:*:* cpe:2.3:a:mybulletinboard:mybulletinboard:1.1.5:*:*:*:*:*:*:* cpe:2.3:a:mybulletinboard:mybulletinboard:1.0_pr2:*:*:*:*:*:*:* cpe:2.3:a:mybulletinboard:mybulletinboard:1.1:*:*:*:*:*:*:* cpe:2.3:a:mybulletinboard:mybulletinboard:1.1.4:*:*:*:*:*:*:* cpe:2.3:a:mybulletinboard:mybulletinboard:1.0.1:*:*:*:*:*:*:* cpe:2.3:a:mybulletinboard:mybulletinboard:1.0.4:*:*:*:*:*:*:* cpe:2.3:a:mybulletinboard:mybulletinboard:1.1.2:*:*:*:*:*:*:* cpe:2.3:a:mybulletinboard:mybulletinboard:1.0.2:*:*:*:*:*:*:* cpe:2.3:a:mybulletinboard:mybulletinboard:1.1.7:*:*:*:*:*:*:*

---

Published : 2008-01-22 08:00

Updated : 2018-10-15 09:59

---

NVD link : CVE-2008-0382

Mitre link : CVE-2008-0382

No products.

CWE-94