Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

MyBB < 1.4.1 Multiple Vulnerabilities

Medium

Synopsis

The remote host is vulnerable to multiple attack vectors.

Description

The version of MyBB installed on the remote host is vulnerable to a number of vulnerabilities. The application fails to properly parse and sanitize data sent to the following scripts: global.php, announcements.php, admin/inc/class_page.php, inc/functions.php, inc/datahandlers/post.php, inc/class_error.php, polls.php, moderation.php, inc/class_moderation.php, usercp.php, and attachments.php. The details of these flaws is currently unknown; however, the vendor has released a fix.

Solution

Upgrade to version 1.4.2 or higher.