CVE-2006-0406 Information

Description

search.php in MyBB 1.0.2 allows remote attackers to obtain sensitive information via a certain search request that reveals the table prefix in a SQL error message possibly due to invalid parameters.

Reference

http://secunia.com/advisories/18577 http://www.osvdb.org/22736 http://www.securityfocus.com/archive/1/422227/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/24272