CVE-2012-2324

Name of the Vulnerable Software and Affected Versions MyBB versions prior to 1.6.7

Description The issue allows remote administrators to execute arbitrary SQL commands via unspecified vectors in the user search or Mail Log in the Admin Control Panel (ACP).

Recommendations For versions prior to 1.6.7, update to version 1.6.7 or later to resolve the issue.