Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

MyBB < 1.8.6 Arbitrary Code Execution



The remote web server is running a PHP application that is vulnerable to an arbitrary code execution attack vector.


Versions of MyBB (MyBulletinBoard) prior to 1.8.6 are affected by a flaw in the '__wakeup()' method that is triggered when deserializing specially crafted GMP objects. This may allow a remote attacker to potentially execute arbitrary code.


Upgrade to MyBB version 1.8.6 or later.