Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in MyBB 1.2.10 and earlier allow remote moderators and administrators to execute arbitrary SQL commands via (1) the mergepost parameter in a do_mergeposts action, (2) rid parameter in an allreports action, or (3) threads parameter in a do_multimovethreads action to (a) moderation.php; or (4) gid parameter to (b) admin/usergroups.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MyBB 多个SQL注入漏洞
Vulnerability Description
MyBB 是一款开源的BBS系统 MyBB 1.2.10以及之前版本中的多个SQL注入漏洞允许远程主持人和管理员借助以下几种方式执行任意的SQL命令:(1)moderation.php中的do_mergeposts操作的mergepost参数,(2)allreports操作中的rid参数,(3)moderation.php中的do_multimovethreads操作的threads参数或者(4)admin/usergroups.php的gid参数。
CVSS Information
N/A
Vulnerability Type
N/A