CVE-2007-2212

Mybb - SQL Injection

Title source: rule

Description

Multiple SQL injection vulnerabilities in calendar.php in MyBB (aka MyBulletinBoard) 1.2.5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) year or (2) month parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Exploits (1)

exploitdb WORKING POC VERIFIED

by 0x86 · perlwebappsphp

https://www.exploit-db.com/exploits/3780

View Code ZIP pw:eip

References (1)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/33814

Scores

EPSS 0.0033

EPSS Percentile 56.1%

Details

Status published

Products (1)

mybb/mybb 1.2.5

Published Apr 24, 2007

Tracked Since Feb 18, 2026