First published: Tue Jan 31 2017(Updated: )
xmlhttp.php in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allows remote attackers to bypass intended access restrictions via vectors related to the forum password.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
MyBB Merge System | <=1.8.5 | |
Mybb Mybb | <=1.6.17 | |
Mybb Mybb | =1.8.0 | |
Mybb Mybb | =1.8.1 | |
Mybb Mybb | =1.8.2 | |
Mybb Mybb | =1.8.3 | |
Mybb Mybb | =1.8.4 | |
Mybb Mybb | =1.8.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.