5 matches found
CVE-2019-12363
An CSRF issue was discovered in the JN-Jones MyBB-2FA plugin through 2014-11-05 for MyBB. An attacker can forge a request to an installed mybb2fa plugin to control its state via usercp.php?action=mybb2fa=deactivate or usercp.php?action=mybb2fa=activate. A deactivate operation lowers the security ...
EUVD-2019-3998
Malware in sbrugna...
CVE-2019-12363
An CSRF issue was discovered in the JN-Jones MyBB-2FA plugin through 2014-11-05 for MyBB. An attacker can forge a request to an installed mybb2fa plugin to control its state via usercp.php?action=mybb2fa&do=deactivate or usercp.php?action=mybb2fa&do=activate. A deactivate operation lowers the...
Cross site request forgery (csrf)
An CSRF issue was discovered in the JN-Jones MyBB-2FA plugin through 2014-11-05 for MyBB. An attacker can forge a request to an installed mybb2fa plugin to control its state via usercp.php?action=mybb2fa&do=deactivate or usercp.php?action=mybb2fa&do=activate. A deactivate operation lowers the...
CVE-2019-12363
CVE-2019-12363 describes a CSRF vulnerability in the JN-Jones MyBB-2FA plugin for MyBB (up to 2014-11-05). An attacker can forge requests to an installed mybb2fa plugin to change its state via usercp.php?action=mybb2fa&do=deactivate (or ...&do=activate). This deactivates two-factor authentication...