MyBulletinBoard (MyBB) contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the polls.php script not properly sanitizing user-supplied input to the 'polloptions' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

Currently, there are no known upgrades to correct this issue. However, the MyBB Group has released a patch to address this vulnerability. It is also possible to correct the flaw by implementing the following workaround: set the magic_quotes_gpc PHP option to 'on'.

• Bugtraq ID: 14553
• Related OSVDB ID: 19030 19031 19033
• CVE ID: 2005-2580 (see also: NVD)
• ISS X-Force ID: 21936
• Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0397.html
• Vendor Specific Solution URL: http://community.mybboard.net/attachment.php?aid=1104
• Vendor Specific News/Changelog Entry: http://community.mybboard.net/showthread.php?tid=3350
• Vendor URL: http://www.mybboard.com

• phuket - phuket.bugtraqgmail.com -