Description

The installer in MyBB before 1.8.13 allows remote attackers to execute arbitrary code by writing to the configuration file.

Remediation

References

CVE-2017-16780

Related Vulnerabilities

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-6379)

MySQL CVE-2019-2758 Vulnerability (CVE-2019-2758)

Python Resource Management Errors Vulnerability (CVE-2012-0845)

Apache Tomcat Improper Input Validation Vulnerability (CVE-2014-0033)

WordPress Plugin Email Encoder-Protect Email Addresses Cross-Site Scripting (1.4.1)

Severity

Critical

Classification

CVE-2017-16780 CWE-352 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities