CVE-2005-2888 Information

Description

Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) Preview Release 2 allow remote attackers to execute arbitrary SQL commands via the (1) fid parameter to misc.php or (2) Content-Disposition field in the HTTP header to newreply.php.

Reference

http://marc.info/?l=bugtraq&m=112611068702781&w=2 http://secunia.com/advisories/16738/ https://exchange.xforce.ibmcloud.com/vulnerabilities/22192