| Field | Value |
| --- | --- |
| VID | 21708 |
| Severity | 30 |
| Port | 80, ... |
| Protocol | TCP |
| Class | CGI |

Detailed Description

MyBulletinBoard is vulnerable to SQL injection in the 'member.php' script. MyBulletinBoard is a freely available forum package developed in PHP and MySQL. MyBulletinBoard version 1.00 RC4 allows a remote attacker to execute arbitrary SQL commands because user-supplied input passed to the 'uid' parameter of the 'member.php' script is not properly filtered. If the magic_quotes_gpc option is disabled, this vulnerability could permit a remote attacker to pass malicious input to database queries, potentially resulting in data exposure, modification of the query logic, or even data modification or attacks against the database itself.

* References:
  - http://marc.theaimsgroup.com/?l=bugtraq&m=110486566600980&w=2
  - http://osvdb.org/displayvuln.php?osvdb_id=12798
  - http://secunia.com/advisories/13722
* Platforms Affected: MyBB Group, MyBulletinBoard version 1.00 RC4; any operating system; any version

Recommendation

No upgrade or patch available as of September 2005.

Upgrade to the latest version of MyBulletinBoard when a new fixed version becomes available from the MyBB Group Download Web site at http://www.mybboard.com

As a workaround, set "magic_quotes_gpc" to "On" in the php.ini file.

Related URLs

| Identifier | Source |
| --- | --- |
| CVE-2005-0282, CVE-2005-2697 | CVE |
| 12161 | SecurityFocus |
| 18755 | ISS |