CRITICAL🇬🇧 English

CVE-2016-9412

CVSS 9.8v3.0pub. 2017-01-31upd. 2026-05-13

MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allow attackers to have unspecified impact via vectors related to low adminsid and sid entropy.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Mybb Merge System

    APP
    Mybb
    ≤ 1.8.6
  • Mybb

    APP
    Mybb
    ≤ 1.8.6
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2011-10018CRITICAL10.0PL ✓ten sam produkt

MyBB 1.6.4 — backdoor w pakiecie źródłowym umożliwiający RCE

CVE-2020-22612CRITICAL9.8ten sam produkt

Installer RCE on settings file write in MyBB before 1.8.22.

CVE-2017-16780CRITICAL9.8ten sam produkt

The installer in MyBB before 1.8.13 allows remote attackers to execute arbitrary code by writing to the config...

CVE-2016-9402CRITICAL9.8ten sam produkt

SQL injection vulnerability in the moderation tool in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge S...

CVE-2015-8974CRITICAL10.0ten sam produkt

SQL injection vulnerability in the Group Promotions module in the admin control panel in MyBB (aka MyBulletinB...

CVE-2016-9412 — CRITICAL 9.8 | CVEbaza.pl