MyBB CVE-2017-7566 Server Side Request Forgery Security Bypass Vulnerability



MyBB is prone to a security bypass vulnerability.

An attacker can exploit this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks.

Versions prior to MyBB 1.8.11 are vulnerable.

Information

Bugtraq ID: 97480
Class: Design Error
CVE: CVE-2017-7566

Remote: Yes
Local: No
Published: Apr 04 2017 12:00AM
Credit: Orange Tsai of DEVCORE and Jasveer Singh of SEC Consult Vulnerability Lab.
Vulnerable: MyBB MyBB 1.8.8
MyBB MyBB 1.8.7
MyBB MyBB 1.8.6
MyBB MyBB 1.8.5
MyBB MyBB 1.8.4
MyBB MyBB 1.8.3
MyBB MyBB 1.8.2
MyBB MyBB 1.8.1
MyBB MyBB 1.6.16
MyBB MyBB 1.6.14
MyBB MyBB 1.6.13
MyBB MyBB 1.6.11
MyBB MyBB 1.6.10
MyBB MyBB 1.6.9
MyBB MyBB 1.6.8
MyBB MyBB 1.6.7
MyBB MyBB 1.6.6
MyBB MyBB 1.6.5
MyBB MyBB 1.6.4
MyBB MyBB 1.6.3
MyBB MyBB 1.6.2
MyBB MyBB 1.6.1
MyBB MyBB 1.4.16
MyBB MyBB 1.4.15
MyBB MyBB 1.4.14
MyBB MyBB 1.4.10
MyBB MyBB 1.4.9
MyBB MyBB 1.4.8
MyBB MyBB 1.4.7
MyBB MyBB 1.4.6
MyBB MyBB 1.4.5
MyBB MyBB 1.4.3
MyBB MyBB 1.4.2
MyBB MyBB 1.2.14
MyBB MyBB 1.2.12
MyBB MyBB 1.2.2
MyBB MyBB 1.2.1
MyBB MyBB 1.2
MyBB MyBB 1.1.3
MyBB MyBB 1.1
MyBB MyBB 1.6.12
MyBB MyBB 1.6.0
MyBB MyBB 1.6
MyBB MyBB 1.5.2
MyBB MyBB 1.4.4
MyBB MyBB 1.4.13
MyBB MyBB 1.4.12
MyBB MyBB 1.4.11
MyBB MyBB 1.4.1
MyBB MyBB 1.4.0
MyBB MyBB 1.2.9
MyBB MyBB 1.2.8
MyBB MyBB 1.2.7
MyBB MyBB 1.2.6
MyBB MyBB 1.2.5
MyBB MyBB 1.2.4
MyBB MyBB 1.2.3
MyBB MyBB 1.2.13
MyBB MyBB 1.2.11
MyBB MyBB 1.2.10
MyBB MyBB 1.1.8
MyBB MyBB 1.1.7
MyBB MyBB 1.1.6
MyBB MyBB 1.1.5
MyBB MyBB 1.1.4
MyBB MyBB 1.1.2
MyBB MyBB 1.1.1
MyBB MyBB 1.04
MyBB MyBB 1.03
MyBB MyBB 1.02
MyBB MyBB 1.01


Not Vulnerable: MyBB MyBB 1.8.11



Related Posts