What is the severity of CVE-2012-2324?

CVE-2012-2324 is considered a high severity vulnerability due to the potential for remote execution of arbitrary SQL commands.

How do I fix CVE-2012-2324?

To remediate CVE-2012-2324, upgrade MyBB to version 1.6.7 or later, which contains security fixes addressing this vulnerability.

Which versions of MyBB are affected by CVE-2012-2324?

CVE-2012-2324 affects all MyBB versions prior to 1.6.7, including versions as early as 1.0 up to 1.6.6.

What type of vulnerability is CVE-2012-2324?

CVE-2012-2324 is classified as an SQL injection vulnerability, allowing attackers to execute unauthorized SQL commands.

Who can be impacted by CVE-2012-2324?

Remote administrators utilizing affected versions of MyBB may be particularly vulnerable to exploitation via CVE-2012-2324.

Vulnerability/
CVE-2012-2324

high

7.5

CWE

13/8/2012

16/9/2024

CVE-2012-2324: SQL Injection

First published: Mon Aug 13 2012(Updated: )

Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) before 1.6.7 allow remote administrators to execute arbitrary SQL commands via unspecified vectors in the (1) user search or (2) Mail Log in the Admin Control Panel (ACP).

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
MyBB	<=1.6.6
MyBB	=1.00
MyBB	=1.0-beta4
MyBB	=1.0-pr1
MyBB	=1.0-pr2
MyBB	=1.0-rc1
MyBB	=1.0-rc2
MyBB	=1.0-rc3
MyBB	=1.0-rc4
MyBB	=1.01
MyBB	=1.1.0
MyBB	=1.1.1
MyBB	=1.1.2
MyBB	=1.1.3
MyBB	=1.1.4
MyBB	=1.1.5
MyBB	=1.1.6
MyBB	=1.1.7
MyBB	=1.1.8
MyBB	=1.02
MyBB	=1.2.0
MyBB	=1.2.1
MyBB	=1.2.2
MyBB	=1.2.3
MyBB	=1.2.4
MyBB	=1.2.5
MyBB	=1.2.6
MyBB	=1.2.7
MyBB	=1.2.8
MyBB	=1.2.9
MyBB	=1.2.10
MyBB	=1.2.11
MyBB	=1.2.12
MyBB	=1.2.13
MyBB	=1.2.14
MyBB	=1.03
MyBB	=1.3-pre-1.0
MyBB	=1.04
MyBB	=1.4.0
MyBB	=1.4.1
MyBB	=1.4.2
MyBB	=1.4.3
MyBB	=1.4.4
MyBB	=1.4.5
MyBB	=1.4.6
MyBB	=1.4.7
MyBB	=1.4.8
MyBB	=1.4.9
MyBB	=1.4.10
MyBB	=1.4.11
MyBB	=1.4.12
MyBB	=1.4.13
MyBB	=1.4.14
MyBB	=1.4.15
MyBB	=1.4.16
MyBB	=1.5.1
MyBB	=1.5.2
MyBB	=1.6.1
MyBB	=1.6.2
MyBB	=1.6.3
MyBB	=1.6.4
MyBB	=1.6.5

Remedy

http://blog.mybb.com/2012/04/01/mybb-1-6-7-update-1-8-development/

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2012-2324?
CVE-2012-2324 is considered a high severity vulnerability due to the potential for remote execution of arbitrary SQL commands.
How do I fix CVE-2012-2324?
To remediate CVE-2012-2324, upgrade MyBB to version 1.6.7 or later, which contains security fixes addressing this vulnerability.
Which versions of MyBB are affected by CVE-2012-2324?
CVE-2012-2324 affects all MyBB versions prior to 1.6.7, including versions as early as 1.0 up to 1.6.6.
What type of vulnerability is CVE-2012-2324?
CVE-2012-2324 is classified as an SQL injection vulnerability, allowing attackers to execute unauthorized SQL commands.
Who can be impacted by CVE-2012-2324?
Remote administrators utilizing affected versions of MyBB may be particularly vulnerable to exploitation via CVE-2012-2324.

agent/references
agent/type
agent/softwarecombine
agent/severity
agent/remedy
agent/author
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/first-publish-date
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
agent/weakness
vendor/mybb
canonical/mybb
version/mybb/1.6.6
version/mybb/1.00
version/mybb/1.0-beta4
version/mybb/1.0-pr1
version/mybb/1.0-pr2
version/mybb/1.0-rc1
version/mybb/1.0-rc2
version/mybb/1.0-rc3
version/mybb/1.0-rc4
version/mybb/1.01
version/mybb/1.1.0
version/mybb/1.1.1
version/mybb/1.1.2
version/mybb/1.1.3
version/mybb/1.1.4
version/mybb/1.1.5
version/mybb/1.1.6
version/mybb/1.1.7
version/mybb/1.1.8
version/mybb/1.02
version/mybb/1.2.0
version/mybb/1.2.1
version/mybb/1.2.2
version/mybb/1.2.3
version/mybb/1.2.4
version/mybb/1.2.5
version/mybb/1.2.6
version/mybb/1.2.7
version/mybb/1.2.8
version/mybb/1.2.9
version/mybb/1.2.10
version/mybb/1.2.11
version/mybb/1.2.12
version/mybb/1.2.13
version/mybb/1.2.14
version/mybb/1.03
version/mybb/1.3-pre-1.0
version/mybb/1.04
version/mybb/1.4.0
version/mybb/1.4.1
version/mybb/1.4.2
version/mybb/1.4.3
version/mybb/1.4.4
version/mybb/1.4.5
version/mybb/1.4.6
version/mybb/1.4.7
version/mybb/1.4.8
version/mybb/1.4.9
version/mybb/1.4.10
version/mybb/1.4.11
version/mybb/1.4.12
version/mybb/1.4.13
version/mybb/1.4.14
version/mybb/1.4.15
version/mybb/1.4.16
version/mybb/1.5.1
version/mybb/1.5.2
version/mybb/1.6.1
version/mybb/1.6.2
version/mybb/1.6.3
version/mybb/1.6.4
version/mybb/1.6.5