2009-04-07 10:00:00
mitre
PUBLISHED
SQL injection vulnerability in func/login.php in MercuryBoard 1.1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header ($_SERVER[HTTP_USER_AGENT]).