CVE-2010-5096

MyBB < 1.6.1 - SQL Injection via Search or Private Keywords Parameter

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2010-5096. PoCs published by Aung Khant.

AI-analyzed exploit summary: This exploit demonstrates a SQL injection vulnerability in MyBB 1.6 by injecting malicious input into the search.php endpoint via the 'keywords' parameter. The payload bypasses sanitization and manipulates the SQL query to potentially access or modify data.

Description

Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) before 1.6.1 allow remote attackers to execute arbitrary SQL commands via the keywords parameter in a (1) do_search action to search.php or (2) do_stuff action to private.php. NOTE: the vendor disputes this issue, saying "Although this doesn't lead to an SQL injection, it does provide a general MyBB SQL error."

Exploits (2)

exploitdb · WORKING POC · VERIFIED
by Aung Khant · text · webapps · php
https://www.exploit-db.com/exploits/35140

This exploit demonstrates a SQL injection vulnerability in MyBB 1.6 by injecting malicious input into the search.php endpoint via the 'keywords' parameter. The payload bypasses sanitization and manipulates the SQL query to potentially access or modify data.

Classification: Working PoC 90%
Attack Type: SQLi
Complexity: Trivial
Reliability: Reliable
Target: MyBB 1.6
No auth needed
Prerequisites: Access to the MyBB search.php endpoint
devstral-2 · analyzed Feb 16, 2026

exploitdb · WORKING POC · VERIFIED
by Aung Khant · text · webapps · php
https://www.exploit-db.com/exploits/35141

This exploit demonstrates a SQL injection vulnerability in MyBB 1.6 by injecting malicious input into the 'keywords' parameter of a POST request to private.php. The payload bypasses authentication and manipulates the SQL query to potentially access or modify data.

Classification: Working PoC 90%
Attack Type: SQLi
Complexity: Trivial
Reliability: Reliable
Target: MyBB 1.6
No auth needed
Prerequisites: Access to the target MyBB instance · Ability to send crafted POST requests
devstral-2 · analyzed Feb 16, 2026

References (8)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/70014
Issue Tracking x_refsource_misc
http://dev.mybb.com/issues/1330
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/05/08/7
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/70013
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/45565
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/03/25/1
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/05/08/3
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/03/23/4

Scores

EPSS 0.0558
EPSS Percentile 91.9%

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-89
Status published
Products (44)
mybb/mybb 1.00
mybb/mybb 1.0 beta4 (7 CPE variants)
mybb/mybb 1.01
mybb/mybb 1.1.0
mybb/mybb 1.1.1
mybb/mybb 1.1.2
mybb/mybb 1.1.3
mybb/mybb 1.1.4
mybb/mybb 1.1.5
mybb/mybb 1.1.6
... and 34 more
Published Aug 13, 2012
Tracked Since Feb 18, 2026