First published: Sat Jun 15 2019(Updated: )
In MyBB before 1.8.21, an attacker can abuse a default behavior of MySQL on many systems (that leads to truncation of strings that are too long for a database column) to create a PHP shell in the cache directory of a targeted forum via a crafted XML import, as demonstrated by truncation of aaaaaaaaaaaaaaaaaaaaaaaaaa.php.css to aaaaaaaaaaaaaaaaaaaaaaaaaa.php with a 30-character limit, aka theme import stylesheet name RCE.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mybb Mybb | <1.8.21 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2019-12831.
The severity of CVE-2019-12831 is high with a severity value of 7.2.
CVE-2019-12831 affects MyBB versions prior to 1.8.21.
An attacker can exploit CVE-2019-12831 by abusing a default behavior of MySQL to create a PHP shell in the cache directory of a targeted forum via a crafted XML import.
CVE-2019-12831 can be fixed by upgrading MyBB to version 1.8.21 or later.