cpe:/a:mybboard:custom_pages_plugin:1.0 CVE-2008-6198 2009-02-19T19:30:00.313-05:00 2017-09-28T21:33:00.947-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-02-20T11:15:00.000-05:00 ALLOWS_OTHER_ACCESS BID 28652 EXPLOIT-DB 5379 XF custompages-pages-sql-injection(41685) SQL injection vulnerability in pages.php in Custom Pages 1.0 plugin for MyBulletinBoard (MyBB) allows remote attackers to execute arbitrary SQL commands via the page parameter.