5 matches found
MyBB 1.8.13 - Remote Code Execution
Exploit Title: RCE in MyBB up to 1.8.13 via installer Date: Found on 05-29-2017 Exploit Author: Pablo Sacristan Vendor Homepage: https://mybb.com/ Version: Version 1.8.13 Fixed in 1.8.13 CVE : CVE-2017-16780 This RCE can be executed via CSRF but doesn't require it in some special cases. The...
CVE-2017-16780
creationtimestamp| type| source ---|---|--- 2017-11-11 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/43136...
MyBB 1.8.13 - Remote Code Execution
MyBB 1.8.13 - Remote Code Execution Exploit Title: RCE in MyBB up to 1.8.13 via installer Date: Found on 05-29-2017 Exploit Author: Pablo Sacristan Vendor Homepage: https://mybb.com/ Version: Version 1.8.13 Fixed in 1.8.13 CVE : CVE-2017-16780 This RCE can be executed via CSRF but doesn't require...
CVE-2017-16780
The installer in MyBB before 1.8.13 allows remote attackers to execute arbitrary code by writing to the configuration file...
CVE-2017-16780
MyBB 1.8.x is affected by CVE-2017-16780: the installer before 1.8.13 allows an unauthenticated remote attacker to write to the configuration file, enabling remote code execution. The root cause is improper handling during installation that permits arbitrary code execution via the config file. Im...