Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

MyBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2017-7566)

Description

MyBB before 1.8.11 allows remote attackers to bypass an SSRF protection mechanism.

Remediation

References

Related Vulnerabilities

Zope Web Application Server Cryptographic Issues Vulnerability (CVE-2012-6661)

WordPress Plugin Add Comments Cross-Site Scripting (1.0.1)

WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.31)

WordPress Plugin WP STAGING WordPress Backup-Migration Backup Restore Information Disclosure (3.4.3)

MySQL CVE-2018-2779 Vulnerability (CVE-2018-2779)

Severity

High

Classification

CVE-2017-7566 CWE-918 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities