Vulnerability Description
SQL injection vulnerability in pages.php in Custom Pages 1.0 plugin for MyBulletinBoard (MyBB) allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mybb | Mybb | All versions |
| Mybboard | Custom Pages Plugin | 1.0 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/28652Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41685
- https://www.exploit-db.com/exploits/5379
- http://www.securityfocus.com/bid/28652Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41685
- https://www.exploit-db.com/exploits/5379
FAQ
What is CVE-2008-6198?
CVE-2008-6198 is a vulnerability with a CVSS score of 7.5 (HIGH). SQL injection vulnerability in pages.php in Custom Pages 1.0 plugin for MyBulletinBoard (MyBB) allows remote attackers to execute arbitrary SQL commands via the page parameter.
How severe is CVE-2008-6198?
CVE-2008-6198 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-6198?
Check the references section above for vendor advisories and patch information. Affected products include: Mybb Mybb, Mybboard Custom Pages Plugin.