CVE-2007-2211

Mybulletinboard < 1.2.5 - SQL Injection

Title source: rule

Description

SQL injection vulnerability in calendar.php in MyBB (aka MyBulletinBoard) 1.2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the day parameter in a dayview action.

Exploits (1)

exploitdb WORKING POC VERIFIED
by 0x86 · perlwebappsphp
https://www.exploit-db.com/exploits/3780

References (5)

Scores

EPSS 0.0069
EPSS Percentile 71.9%

Details

Status published
Products (1)
mybulletinboard/mybulletinboard < 1.2.5
Published Apr 24, 2007
Tracked Since Feb 18, 2026