oss-sec mailing list archives
CVE request: MyBB multiple vulnerabilities
From: Henri Salo <henri () nerv fi>
Date: Thu, 10 Nov 2016 19:15:51 +0200
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello MITRE, Could you assign CVEs for following MyBB vulnerabilities, thank you. Fixed in 1.8.6 https://blog.mybb.com/2015/09/07/mybb-1-8-6-1-6-18-merge-system-1-8-6-release/ Medium Risk: Forum password bypass in xmlhttp.php – reported by Devilshakerz Low Risk: SQL Injection in Grouppromotions module (ACP) – reported by Devilshakerz Low Risk: Possible XSS Injection in the error handler – reported by FooBar123 Low Risk: Possible XSS issues in old upgrade files – reported by FooBar123 Low Risk: Possible Full Path Disclosure in publicly accessible error log files – reported by Devilshakerz Fixed in 1.8.7 https://blog.mybb.com/2016/03/11/mybb-1-8-7-merge-system-1-8-7-release/ Medium risk: Possible SQL Injection in moderation tool – reported by jamslater Low risk: Missing permission check in newreply.php – reported by StefanT Low risk: Possible XSS Injection on login – reported by Devilshakerz Low risk: Possible XSS Injection in member validation – reported by Tim Coen Low risk: Possible XSS Injection in User CP – reported by Tim Coen Low risk: Possible XSS Injection in Mod CP logs – reported by Starpaul20 Low risk: Possible XSS Injection when editing users in Mod CP – reported by Tim Coen Low risk: Possible XSS Injection when pruning logs in ACP – reported by Devilshakerz Low risk: Possibility of retrieving database details through templates – reported by Tim Coen Low risk: Disclosure of ACP path when sending mails from ACP – reported by sarisisop Low risk: Low adminsid & sid entropy – reported by Devilshakerz Low risk: Clickjacking in ACP – reported by DingjieYang Low risk: Missing directory listing protection in upload directories – reported by Tim Coen Fixed in 1.8.8 https://blog.mybb.com/2016/10/17/mybb-1-8-8-merge-system-1-8-8-release/ Medium risk: Style import CSS overwrite on Windows servers – reported by patryk Medium risk: SQL Injection in the users data handler – reported by afinepl Medium risk: SSRF attack in fetch_remote_file() – reported by dawid_golunski Medium risk: Possible short name access to ACP backups on Windows servers – reported by kevinoclam Low risk: Stored XSS in the ACP – reported by patryk Low risk: Loose comparison false positives – reported by Devilshakerz Low risk: Possible XSS injection in ACP users module – reported by afinepl - -- Henri Salo -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJYJKtHAAoJECet96ROqnV0LXgQAKrMRH9ArhiKKdS5UNsAdAtP KWc/UEhW1TS/GXbXJ/byUS1EE4BP8KfzwPsVHsM4KDWx/bIVGjx8HK9sUA0lK1Uq FFqzQieoAOex8gKS/yHWm4zuY7x2EVNSSl+pR0srnNJt8O1/GmYluDNgIj1BYIuK ZdZSF7NuAilp7XG9Z9rxWl1yLtPH81rLhBkQDIR1xOyPruGCLxmAJ5Se059wTNfe 0wquNr2PisunO1PDmZ0nFTrmTfWWBzV2I3/UFYID9Z0vWd+gpZ6aSyGNFXLsQaS2 oRQwtlejxBy2updbDFkkTOB0PJN2ctA+Q5N3ueB+Vw+8Mamql54SlA0CJSe1s5/5 /4BxbOlB0Ju8HthyTWX8V4rugFj2rLNZxHOUaRel/aH83lLfLjjfxiX2mGla5KJH zn5dmT4ADJRv5QPx9FubNv4R+YSh0keQsDuK+WIv4qw/I7WVPtLAc98NrSh0JRj5 KewS04rndPEk3E+T35i/KsC0D26Yr5h1seWfkCsv0lQ6lwFaS6opojKWNflvVkVy dSIamrkKazi0w//VxrlVeA4kyZW17zflU00/yOyts5po05qSngPGqVZt5if6elor G+NMTt3Dnt8OKzyuqwmCcnhkVwbAbx80ruDKGWcy5YAlKM/44x9hXdO2HcIFAbUf rK8ZN9KBcR6VlQjXYqz2 =Cuu9 -----END PGP SIGNATURE-----
Current thread:
- CVE request: MyBB multiple vulnerabilities Henri Salo (Nov 10)
- Re: CVE request: MyBB multiple vulnerabilities cve-assign (Nov 17)