VYPR
Unrated severityNVD Advisory· Published Mar 2, 2006· Updated Jun 16, 2026

CVE-2006-0959

CVE-2006-0959

Description

SQL injection vulnerability in misc.php in MyBulletinBoard (MyBB) 1.03, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands by setting the comma variable value via the comma parameter in a cookie. NOTE: 1.04 has also been reported to be affected.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • cpe:2.3:a:mybulletinboard:mybulletinboard:1.0.3:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:mybulletinboard:mybulletinboard:1.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mybulletinboard:mybulletinboard:1.0.4:*:*:*:*:*:*:*
  • PhpBB/MyBBllm-create
    Range: <=1.04

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.