Description

Cross-site request forgery (CSRF) vulnerability in the Admin Control Panel (ACP) login in MyBB (aka MyBulletinBoard) before 1.8.4 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

Remediation

References

CVE-2015-2334

Related Vulnerabilities

PrestaShop Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-19355)

WordPress Plugin Simple Post Cross-Site Scripting (1.1)

MySQL CVE-2020-14567 Vulnerability (CVE-2020-14567)

PHP Other Vulnerability (CVE-2015-2787)

WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-0701)

Severity

Medium

Classification

CVE-2015-2334 CWE-352

Tags

Missing Update Known Vulnerabilities