6 matches found
CVE-2015-8973
xmlhttp.php in MyBB aka MyBulletinBoard before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allows remote attackers to bypass intended access restrictions via vectors related to the forum password...
Default credentials
xmlhttp.php in MyBB aka MyBulletinBoard before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allows remote attackers to bypass intended access restrictions via vectors related to the forum password...
CVE-2015-8973
CVE-2015-8973 affects MyBB (MyBulletinBoard) up to before 1.6.18 and 1.8.x before 1.8.6, including MyBB Merge System before 1.8.6. The issue allows remote attackers to bypass intended access restrictions via vectors related to the forum password in xmlhttp.php, potentially enabling unauthorized a...
CVE-2015-8973
xmlhttp.php in MyBB aka MyBulletinBoard before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allows remote attackers to bypass intended access restrictions via vectors related to the forum password...
Wmshop 6.0 Password Disclosure
Cyber-Warrior & Security TIM - Bug Researchers Group Application Name : Wmshop 6.0 - 5.08 Vulnerable Type : Arbitrary Forum Password Disclosure Vulnerability Infection : Forum Password Get... Author : Septemb0x Script Down.& WebSite : http://s2.dosya.tc/wmshop6.0.rar.html -...
CVE-2003-1454
Invision Power Services Invision Board 1.0 through 1.1.1, when a forum is password protected, stores the administrator password in a cookie in plaintext, which could allow remote attackers to gain access...