PT-2006-3298 · Mybb · Mybb

Addmimistrator · Published 2006-05-12 · Updated 2018-10-18 · CVE-2006-2333

CVSS v2.0: 6.4 (Medium)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions: MyBB version 1.1.1

Description: The issue allows remote attackers to execute arbitrary SQL commands via the e-mail address when registering for a forum that requires e-mail verification. This is due to improper handling in usercp.php and member.php.

Recommendations: For MyBB version 1.1.1, as a temporary workaround, consider restricting access to the user registration process that requires e-mail verification until a proper fix is applied. Additionally, restrict input handling in usercp.php and member.php to minimize the risk of SQL injection.


Related Identifiers

CVE-2006-2333

Affected Products

Mybb