Exploitation Summary
EIP tracks 1 public exploit for CVE-2006-2067. PoCs published by Mustafa Can Bjorn IPEKCI.
AI-analyzed exploit summary The provided text describes SQL injection and XSS vulnerabilities in MKPortal 1.1 with vBulletin 3.5.4 due to improper input sanitization. It includes a sample SQLi payload but lacks executable exploit code.
Description
SQL injection vulnerability in vb_board_functions.php in MKPortal 1.1, as used with vBulletin 3.5.4 and earlier, allows remote attackers to execute arbitrary SQL commands via the userid parameter.
Exploits (1)
The provided text describes SQL injection and XSS vulnerabilities in MKPortal 1.1 with vBulletin 3.5.4 due to improper input sanitization. It includes a sample SQLi payload but lacks executable exploit code.