Lucene search

MitreCVE-2010-4624

HistoryDec 30, 2010 - 9:00 p.m.

CVE-2010-4624

2010-12-3021:00:02

CWE-264

mitre

web.nvd.nist.gov

mybb

mybulletinboard

cve-2010-4624

img mycodes

security vulnerability

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

AI Score

6.5

Confidence

Low

EPSS

0.002

Percentile

56.3%

JSON

MyBB (aka MyBulletinBoard) before 1.4.12 allows remote authenticated users to bypass intended restrictions on the number of [img] MyCodes by editing a post after it has been created.

Affected configurations

Nvd

Node

mybbmybbRange≤1.4.11

mybbmybbMatch1.00

mybbmybbMatch1.01

mybbmybbMatch1.1.0

mybbmybbMatch1.1.1

mybbmybbMatch1.1.2

mybbmybbMatch1.1.3

mybbmybbMatch1.1.4

mybbmybbMatch1.1.5

mybbmybbMatch1.1.6

mybbmybbMatch1.1.7

mybbmybbMatch1.1.8

mybbmybbMatch1.02

mybbmybbMatch1.2

mybbmybbMatch1.2.0

mybbmybbMatch1.2.1

mybbmybbMatch1.2.2

mybbmybbMatch1.2.3

mybbmybbMatch1.2.4

mybbmybbMatch1.2.5

mybbmybbMatch1.2.6

mybbmybbMatch1.2.7

mybbmybbMatch1.2.8

mybbmybbMatch1.2.9

mybbmybbMatch1.2.10

mybbmybbMatch1.2.11

mybbmybbMatch1.2.12

mybbmybbMatch1.2.13

mybbmybbMatch1.03

mybbmybbMatch1.04

mybbmybbMatch1.4.0

mybbmybbMatch1.4.2

mybbmybbMatch1.4.3

mybbmybbMatch1.4.6

mybbmybbMatch1.4.8

mybbmybbMatch1.4.9

mybbmybbMatch1.4.10

VendorProductVersionCPE
mybbmybb*cpe:2.3:a:mybb:mybb:*:*:*:*:*:*:*:*
mybbmybb1.00cpe:2.3:a:mybb:mybb:1.00:*:*:*:*:*:*:*
mybbmybb1.01cpe:2.3:a:mybb:mybb:1.01:*:*:*:*:*:*:*
mybbmybb1.1.0cpe:2.3:a:mybb:mybb:1.1.0:*:*:*:*:*:*:*
mybbmybb1.1.1cpe:2.3:a:mybb:mybb:1.1.1:*:*:*:*:*:*:*
mybbmybb1.1.2cpe:2.3:a:mybb:mybb:1.1.2:*:*:*:*:*:*:*
mybbmybb1.1.3cpe:2.3:a:mybb:mybb:1.1.3:*:*:*:*:*:*:*
mybbmybb1.1.4cpe:2.3:a:mybb:mybb:1.1.4:*:*:*:*:*:*:*
mybbmybb1.1.5cpe:2.3:a:mybb:mybb:1.1.5:*:*:*:*:*:*:*
mybbmybb1.1.6cpe:2.3:a:mybb:mybb:1.1.6:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mybb	mybb	*	cpe:2.3:a:mybb:mybb::::::::
mybb	mybb	1.00	cpe:2.3:a:mybb:mybb:1.00:::::::*
mybb	mybb	1.01	cpe:2.3:a:mybb:mybb:1.01:::::::*
mybb	mybb	1.1.0	cpe:2.3:a:mybb:mybb:1.1.0:::::::*
mybb	mybb	1.1.1	cpe:2.3:a:mybb:mybb:1.1.1:::::::*
mybb	mybb	1.1.2	cpe:2.3:a:mybb:mybb:1.1.2:::::::*
mybb	mybb	1.1.3	cpe:2.3:a:mybb:mybb:1.1.3:::::::*
mybb	mybb	1.1.4	cpe:2.3:a:mybb:mybb:1.1.4:::::::*
mybb	mybb	1.1.5	cpe:2.3:a:mybb:mybb:1.1.5:::::::*
mybb	mybb	1.1.6	cpe:2.3:a:mybb:mybb:1.1.6:::::::*

Rows per page:

1-10 of 371

References

blog.mybb.com/2010/04/13/mybb-1-4-12-released-security-maintenance-update/

dev.mybboard.net/issues/728

openwall.com/lists/oss-security/2010/10/08/7

openwall.com/lists/oss-security/2010/10/11/8

openwall.com/lists/oss-security/2010/12/06/2

exchange.xforce.ibmcloud.com/vulnerabilities/64518

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

AI Score

6.5

Confidence

Low

EPSS

0.002

Percentile

56.3%

JSON

Related for CVE-2010-4624