Critical severity9.8NVD Advisory· Published Sep 21, 2017· Updated Jun 17, 2026
CVE-2017-14652
CVE-2017-14652
Description
SQL Injection vulnerability in mobiquo/lib/classTTForum.php in the Tapatalk plugin before 4.5.8 for MyBB allows an unauthenticated remote attacker to inject arbitrary SQL commands via an XML-RPC encoded document sent as part of the user registration process.
Affected products
2- Range: <4.5.8
Patches
Vulnerability mechanics
References
2- adrianhayter.com/exploits.phpnvdExploitThird Party Advisory
- www.tapatalk.com/groups/tapatalksupport/tapatalk-for-mybb-plugin-release-announcement-and--t5877-s50.htmlnvdVendor Advisory
News mentions
0No linked articles in our index yet.