First published: Tue Jan 31 2017(Updated: )
SQL injection vulnerability in the Group Promotions module in the admin control panel in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
MyBB Merge System | <=1.8.5 | |
Mybb Mybb | <=1.6.17 | |
Mybb Mybb | =1.8.0 | |
Mybb Mybb | =1.8.1 | |
Mybb Mybb | =1.8.2 | |
Mybb Mybb | =1.8.3 | |
Mybb Mybb | =1.8.4 | |
Mybb Mybb | =1.8.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.