CVE-2021-27946

HIGH

MyBB <1.8.26 - SQL Injection

Title source: llm

Description

SQL Injection vulnerability in MyBB before 1.8.26 via poll vote count. (issue 1 of 3).

Exploits (1)

exploitdb WORKING POC
by SivertPL · textwebappsphp
https://www.exploit-db.com/exploits/49699

References (2)

Scores

CVSS v3 8.8
EPSS 0.0012
EPSS Percentile 29.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-89
Status published
Products (1)
mybb/mybb < 1.8.26
Published Mar 15, 2021
Tracked Since Feb 18, 2026