Description

newreply.php in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to have unspecified impact by leveraging a missing permission check.

Remediation

References

CVE-2016-9403

Related Vulnerabilities

OpenSSL NULL Pointer Dereference Vulnerability (CVE-2008-1672)

WordPress Plugin Logo Showcase with Slick Slider-Logo Carousel, Logo Slider & Logo Grid Security Bypass (1.2.4)

MySQL CVE-2012-0574 Vulnerability (CVE-2012-0574)

MODX Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20758)

WordPress Plugin Brute Force Login Protection Cross-Site Scripting (1.5.2)

Severity

Critical

Classification

CVE-2016-9403 CWE-264 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities