CVE-2005-3326

Mybulletinboard - SQL Injection

Title source: rule

Description

SQL injection vulnerability in usercp.php in MyBulletinBoard (MyBB) allows remote attackers to execute arbitrary SQL commands via the awayday parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Animal · perlwebappsphp

https://www.exploit-db.com/exploits/26396

View Code ZIP pw:eip

References (4)

[Exploit] http://www.securityfocus.com/archive/1/414672

[Various Sources] http://community.mybboard.net/showthread.php?tid=4507&pid=27223#pid27223

[Third Party Advisory, VDB Entry] http://www.osvdb.org/20700

[Exploit] http://www.securityfocus.com/bid/15204

Scores

EPSS 0.0056

EPSS Percentile 68.5%

Details

Status published

Products (2)

mybulletinboard/mybulletinboard 1.0_pr2

mybulletinboard/mybulletinboard rc4

Published Oct 27, 2005

Tracked Since Feb 18, 2026