A vulnerability has been reported in MyBB, which can be exploited by malicious users to conduct SQL injection attacks. Input passed via the "birthdayprivacy" parameter to inc/datahandlers/user.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires a valid user account. The vulnerability is reported in MyBB 1.4.x versions prior to 1.4.7.
Tuesday, June 30, 2009 - 00:00