CVE-2008-6632 February 26, 2023 by SQL injection vulnerability in func/login.php in MercuryBoard 1.1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header ($_SERVER[‘HTTP_USER_AGENT’]).
