0X86

**Name of the Vulnerable Software and Affected Versions** MyBB versions 1.2.5 and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the day parameter in a dayview action within the calendar.php file. **Recommendations** For MyBB versions 1.2.5 and earlier, update to a version later than 1.2.5 to resolve the issue.