Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2021-43281
HistoryNov 04, 2021 - 5:42 p.m.

CVE-2021-43281

2021-11-0417:42:34
mitre
www.cve.org
7
mybb
remote code injection
admin cp

EPSS

0.002

Percentile

55.7%

JSON

MyBB before 1.8.29 allows Remote Code Injection by an admin with the “Can manage settings?” permission. The Admin CP’s Settings management module does not validate setting types correctly on insertion and update, making it possible to add settings of supported type “php” with PHP code, executed on Change Settings pages.

Related

prion 1
osv 1
nvd 1
cve 1
openvas 1
prion
prion
Code injection
2021-11-04 18:15:00
osv
osv
BIT-mybb-2021-43281
2024-03-06 10:58:37
nvd
nvd
CVE-2021-43281
2021-11-04 18:15:08
cve
cve
CVE-2021-43281
2021-11-04 18:15:08
openvas
openvas
MyBB 1.2.0 < 1.8.29 RCE Vulnerability (GHSA-8gxx-vmr9-h39p)
2021-11-05 00:00:00

EPSS

0.002

Percentile

55.7%

JSON
Related for CVELIST:CVE-2021-43281
prion1osv1nvd1cve1openvas1