MyBB Compromised Source Packages Backdoor Vulnerability Network Vulnerability

Summary

MyBB is prone to a backdoor vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the application. Successful attacks will compromise the affected application. MyBB versions 1.6.4 prior to October 6th, 2011 are vulnerable.

Solution

The vendor released an update. Please see the references for details.

References

http://blog.mybb.com/2011/10/06/1-6-4-security-vulnerabilit/
http://blog.mybb.com/wp-content/uploads/2011/10/mybb_1604_patches.txt
http://www.mybb.com/
http://www.securityfocus.com/bid/49993

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

ALCASAR Remote Code Execution Vulnerability
ATutor password reminder SQL injection
Apache Axis2 Document Type Declaration Processing Security Vulnerability
Apple Safari RSS Feed Information Disclosure Vulnerability
Arkeia Appliance Path Traversal Vulnerability

Take action and discover your vulnerabilities