CyberSec.Space Logo
返回 CVE 浏览器

CVE-2016-9403

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1200%
EPSS Percentile30.11th
Published2017年1月31日
Last Modified2026年5月13日

Vulnerability Description

newreply.php in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to have unspecified impact by leveraging a missing permission check.

Affected Platforms (CPE)

📦
Mybb

Merge System

<= 1.8.6
📦
Mybb

Mybb

<= 1.8.6

References & Advisories

🔗 http://www.openwall.com/lists/oss-security/2016/11/10/8
🔗 http://www.openwall.com/lists/oss-security/2016/11/18/1
🔗 http://www.securityfocus.com/bid/94395
🔗 https://blog.mybb.com/2016/03/11/mybb-1-8-7-merge-system-1-8-7-release/
🔗 http://www.openwall.com/lists/oss-security/2016/11/10/8
🔗 http://www.openwall.com/lists/oss-security/2016/11/18/1
🔗 http://www.securityfocus.com/bid/94395
🔗 https://blog.mybb.com/2016/03/11/mybb-1-8-7-merge-system-1-8-7-release/

相关漏洞威胁

CVE-2015-897410.0

SQL injection vulnerability in the Group Promotions module in the admin control panel in MyBB (aka MyBulletinBoard) before 1.6.18 ...

CVE-2018-128929.9

An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due ...

CVE-2016-94029.8

SQL injection vulnerability in the moderation tool in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 m...

CVE-2016-94129.8

MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allow attackers to have unspecified impact via vectors ...