CVE-2008-3967

Properties

Published:
09.09.2008
Updated:
16.09.2008
Patch available:
Severity:
High
CVSS vector:
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Product:
mybb: mybb
mybb: mybb
mybb: mybb
mybb: mybb
mybb: mybb
mybb: mybb
mybb: mybb
mybb: mybb
mybb: mybb
mybb: mybb
mybb: mybb
mybb: mybb
mybb: mybb
mybb: mybb
mybb: mybb
mybb: mybb
mybb: mybb
mybb: mybb
mybb: mybb
mybb: mybb
mybb: mybb
mybb: mybb
mybb: mybb
mybb: mybb
mybb: mybb
mybb: mybb
mybb: mybb
mybb: mybb
mybb: mybb
mybb: mybb

Vulnerability description

moderation.php in MyBB (aka MyBulletinBoard) before 1.4.1 does not properly check for moderator privileges, which has unknown impact and remote attack vectors.

References:

MLIST: http://www.openwall.com/lists/oss-security/2008/09/09/9
MLIST: http://www.openwall.com/lists/oss-security/2008/09/09/1
CONFIRM: http://community.mybboard.net/attachment.php?aid=10579