VYPR
Critical severity9.8NVD Advisory· Published Sep 21, 2017· Updated Jun 17, 2026

CVE-2017-14652

CVE-2017-14652

Description

SQL Injection vulnerability in mobiquo/lib/classTTForum.php in the Tapatalk plugin before 4.5.8 for MyBB allows an unauthenticated remote attacker to inject arbitrary SQL commands via an XML-RPC encoded document sent as part of the user registration process.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.