MyBB < 1.6.14 DoS

Medium Nessus Network Monitor Plugin ID 8630


The remote web server is running a PHP application that is vulnerable to a denial of service vulnerability.


The remote web server hosts MyBulletinBoard, a web-based discussion board application. Versions of MyBB 1.6.x before 1.6.14 are potentially affected by a denial of service vulnerability when handling malformed emails. An attacker can exploit this issue to crash the application or deny service to legitimate users. This issue specifically affects the 'sendthread.php' script, which is used to share forum threads between friends via email.


Upgrade to MyBB 1.6.14 or later.

See Also

Plugin Details

Severity: Medium

ID: 8630

Family: CGI

Published: 2015/01/22

Modified: 2018/09/16

Dependencies: 9125

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C


Base Score: 5.3

Temporal Score: 4.9


Temporal Vector: CVSS3#E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:mybb:mybb

Patch Publication Date: 2014/05/29

Vulnerability Publication Date: 2014/05/29

Reference Information

BID: 67719