Description

Cross-site request forgery (CSRF) vulnerability in the Admin Control Panel (ACP) login in MyBB (aka MyBulletinBoard) before 1.8.4 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

Remediation

References

CVE-2015-2334

Related Vulnerabilities

WordPress Plugin Ditty WordPress-Responsive Slider, List, and Ticker Display Unspecified Vulnerability (1.5.1)

WordPress Plugin The Plus Addons for Elementor Security Bypass (4.1.6)

WebLogic CVE-2020-14825 Vulnerability (CVE-2020-14825)

WordPress Plugin Post SMTP-WP SMTP with Email Logs & Mobile App for Failure Alerts-Any SMTP Plus Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES, Postmark Cross-Site Scripting (2.5.7)

LimeSurvey Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3752)

Severity

Medium

Classification

CVE-2015-2334 CWE-352

Tags

Missing Update Known Vulnerabilities