SQL Injection Vulnerability in MyBB 1.8.31 Admin CP Users Module

SQL Injection Vulnerability in MyBB 1.8.31 Admin CP Users Module

CVE-2022-43709 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

MyBB 1.8.31 has a SQL injection vulnerability in the Admin CP's Users module allows remote authenticated users to modify the query string via direct user input or stored search filter settings.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.