Emmet Leahy

**Name of the Vulnerable Software and Affected Versions** MyBB versions prior to 1.8.36 **Description** The issue is related to code injection by users with certain high privileges in the MyBB software. Templates in the Admin CP intentionally use `eval`, and there was some validation of the input to `eval`, but type juggling interfered with this when using PCRE within PHP. This can allow a remote attacker to execute arbitrary code. **Recommendations** For MyBB versions prior to 1.8.36, update to version 1.8.36 or later to resolve the issue. As a temporary workaround, consider restricting access to the Admin CP templates that use `eval` to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** adodb versions prior to 5.20.21 **Description** The issue is related to an authentication bypass weakness in the adodb library. This weakness can be exploited by a remote attacker to bypass the authentication process. The vulnerability is associated with the `adodb addslashes()` function and can allow an attacker to inject values into a PostgreSQL connection string by providing a parameter surrounded by single quotes. Depending on how the library is used, this may allow an attacker to bypass the login process or gain access to the server's IP address. **Recommendations** To resolve the issue, update to ADOdb version 5.20.21 or later. As a temporary workaround, ensure the parameters passed to `ADOConnection::connect()` or related functions are not surrounded by single quotes. Consider deleting line 29 in `drivers/adodb-postgres64.inc.php` to patch the vulnerability.