Family: CGI abuses --> Category: attack
MyBB fid Parameter SQL Injection Vulnerability (2) Vulnerability Scan
Vulnerability Scan Summary
Checks for fid parameter SQL injection vulnerability in MyBB (2)
Detailed Explanation for this Vulnerability Test
The remote web server contains a PHP script that is prone to SQL
The remote version of MyBB is prone to a SQL injection attack due to
its failure to sanitize user-supplied input to the 'fid' parameter of
the 'misc.php' script before using it in database queries.
See also :
Enable PHP's 'magic_quotes_gpc' setting.
Medium / CVSS Base Score : 4
Click HERE for more information and discussions on this network vulnerability scan.