VYPR
Unrated severity · NVD Advisory · Published Sep 14, 2005 · Updated Jun 16, 2026

CVE-2005-2888

Description

Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) Preview Release 2 allow remote attackers to execute arbitrary SQL commands via the (1) fid parameter to misc.php or (2) Content-Disposition field in the HTTP header to newreply.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability mechanics

Root cause

"Missing input sanitization in the `fid` parameter of misc.php and the `Content-Disposition` header field of newreply.php allows SQL injection."

Attack vector

An attacker can inject arbitrary SQL through two vectors. First, via the `fid` parameter of misc.php, e.g. `misc.php?action=rules&fid=-1' [SQL]` [ref_id=1]: the leading `-1'` closes the single-quoted string the value is embedded in, so whatever follows is parsed as SQL. Second, via newreply.php, where the advisory's payload is `Content-Disposition: form-data; name="icon"\r\n\r\n-1') [SQL] /*` [ref_id=1]. That `Content-Disposition` line is the header of a multipart/form-data body part named `icon`, not a top-level HTTP request header, so in practice the injection travels in the `icon` POST field: `-1')` closes a quoted, parenthesised value and the trailing `/*` comments out the remainder of the original query. Both vectors require no authentication beyond network access to the MyBB application.

Affected code

The vulnerable files are misc.php (via the `fid` parameter) and newreply.php (via the `Content-Disposition` HTTP header field) [ref_id=1]. The advisory does not specify exact function names or line numbers within those files.

What the fix does

The advisory does not include a patch or remediation guidance [ref_id=1], and no fix is present in the supplied bundle. Both injected values are identifiers that should only ever be integers (a forum id and an icon id), so the expected fix is to cast them to integers before use and to pass them to the database as bound parameters instead of splicing them into the query text.
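As an added illustration (not code from MyBB or from the advisory), the following Python script models both payload shapes against a constructed SQLite schema, placing the string-concatenated query beside an integer-cast, parameterised version. The table names, column names and the exact query text are assumptions, since the advisory does not show MyBB's queries; the `[SQL]` placeholder from its proof-of-concept strings is filled in here with a `UNION` that reads a constructed `users` table.

```python
import sqlite3


def make_db():
    """Constructed in-memory schema standing in for a forum database.
    Table and column names are assumptions, not MyBB's real schema."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE forums (fid INTEGER, name TEXT, rules TEXT);
        CREATE TABLE icons  (iid INTEGER, name TEXT);
        CREATE TABLE users  (uid INTEGER, username TEXT, password TEXT);
        INSERT INTO forums VALUES (1, 'General', 'Be civil');
        INSERT INTO icons  VALUES (1, 'smile');
        INSERT INTO users  VALUES (1, 'admin', 'hashed-secret');
        """
    )
    return conn


# --- vulnerable shape: request values spliced into the query text ----------

def forum_rules_vulnerable(conn, fid):
    """misc.php?action=rules&fid=...  The PoC starts with -1', so the value
    is assumed to sit inside single quotes in the original query."""
    sql = f"SELECT name, rules FROM forums WHERE fid='{fid}'"
    return conn.execute(sql).fetchall()


def icon_lookup_vulnerable(conn, icon):
    """newreply.php 'icon' field.  The PoC is -1') [SQL] /*, so the value is
    assumed to be quoted and parenthesised; the trailing /* comments out
    whatever the original query had after the injection point."""
    sql = f"SELECT iid, name FROM icons WHERE iid IN ('{icon}')"
    return conn.execute(sql).fetchall()


# --- fixed shape: enforce the type, then bind the value --------------------

def forum_rules_fixed(conn, fid):
    fid = int(fid)  # a forum id is an integer; anything else raises ValueError
    return conn.execute(
        "SELECT name, rules FROM forums WHERE fid=?", (fid,)
    ).fetchall()


def icon_lookup_fixed(conn, icon):
    iid = int(icon)  # same rule for the icon id
    return conn.execute(
        "SELECT iid, name FROM icons WHERE iid=?", (iid,)
    ).fetchall()


# --- the advisory's payload shapes with [SQL] filled in (constructed) -------

FID_PAYLOAD = "-1' UNION SELECT username, password FROM users -- "
ICON_PAYLOAD = "-1') UNION SELECT username, password FROM users /*"


def _blocked(fn, conn, value):
    """True if the hardened function rejects the payload outright."""
    try:
        fn(conn, value)
    except ValueError:
        return True
    return False


def demo():
    conn = make_db()
    return {
        # vulnerable code returns the users row instead of a forum/icon row
        "leaked_via_fid": forum_rules_vulnerable(conn, FID_PAYLOAD),
        "leaked_via_icon": icon_lookup_vulnerable(conn, ICON_PAYLOAD),
        # hardened code rejects the payloads and still serves legitimate ids
        "fid_blocked": _blocked(forum_rules_fixed, conn, FID_PAYLOAD),
        "icon_blocked": _blocked(icon_lookup_fixed, conn, ICON_PAYLOAD),
        "fid_ok": forum_rules_fixed(conn, "1"),
        "icon_ok": icon_lookup_fixed(conn, "1"),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The `int()` cast is what actually closes both holes: a bound parameter alone would still accept a string that later compares by affinity, whereas rejecting non-integers means a quote, a parenthesis or a comment marker never reaches the database at all.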

Preconditions

  • Network access to the MyBB application
  • No authentication required
  • Attacker must be able to send crafted HTTP requests (a GET for misc.php, a multipart/form-data POST carrying a crafted `icon` part for newreply.php)

Reproduction

For misc.php, request `http://site/misc.php?action=rules&fid=-1' [SQL]` [ref_id=1]. For newreply.php, send a multipart/form-data POST whose `icon` part carries the payload, i.e. a part with the header `Content-Disposition: form-data; name="icon"` followed by the body `-1') [SQL] /*` [ref_id=1].

Generated on Jun 16, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
