Key Information Summary Vulnerability Overview CVE ID: CVE-2006-2486 Risk Level: Medium Release Date: 2006-05-16 Affected Scope: YapBB <= 1.2 Beta2 Vulnerability Type: SQL Injection Technical Details CVSS Base Score: 6.4/10 Attack Complexity: Low Exploitability: 10/10 Authentication Required: None Availability Impact: None Vulnerability Description YapBB is an open-source web forum written in PHP. In the file, there is an SQL injection vulnerability. Attackers can construct malicious requests to retrieve all users' nicknames, IDs, and passwords. Vulnerable Code Example Remediation Recommendation Patch Example: Exploitability Attackers can exploit this vulnerability to obtain all users' nicknames, IDs, and passwords, posing a serious security risk. It is recommended to promptly upgrade to a patched version of YapBB or apply the provided fix to prevent exploitation.