CVE-2006-3775
Mybulletinboard - SQL Injection
Title source: ruleDescription
SQL injection vulnerability in the init function in class_session.php in MyBB (aka MyBulletinBoard) 1.1.5 allows remote attackers to execute arbitrary SQL commands via the CLIENT-IP HTTP header ($_SERVER['HTTP_CLIENT_IP'] variable), as utilized by index.php.
Exploits (1)
References (7)
Scores
EPSS
0.0210
EPSS Percentile
84.1%
Details
CWE
CWE-89
Status
published
Products (1)
mybulletinboard/mybulletinboard
1.1.5
Published
Jul 24, 2006
Tracked Since
Feb 18, 2026