CVE-2009-2230

Publication date

2009-06-26 18:00:00

Family

mitre

State

PUBLISHED

Description

SQL injection vulnerability in inc/datahandlers/user.php in MyBB (aka MyBulletinBoard) before 1.4.7 allows remote authenticated users to execute arbitrary SQL commands via the birthdayprivacy parameter.