SQL Injection Vulnerability in MyBB Group Promotions Module
CVE-2015-8974 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
SQL injection vulnerability in the Group Promotions module in the admin control panel in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Learn more about our Web Application Penetration Testing UK.