| Summary | Multiple unspecified vulnerabilities in MyBulletinBoard (MyBB) before 1.0.2 have unspecified impact and attack vectors, related to (1) admin/moderate.php, (2) admin/themes.php, (3) inc/functions.php, (4) inc/functions_upload.php, (5) printthread.php, and (6) usercp.php, and probably related to SQL injection. NOTE: it is likely that this issue subsumes CVE-2005-4602 and CVE-2005-4603. However, since the vendor advisory is vague and additional files are mentioned, is is likely that this contains at least one distinct vulnerability from CVE-2005-4602 and CVE-2005-4603. |
|---|---|
| Publication Date | Jan. 17, 2006, 6:03 a.m. |
| Registration Date | Jan. 29, 2021, 3:30 p.m. |
| Last Update | Jan. 3, 2013, 2 p.m. |
| CVSS2.0 : HIGH | |
| Score | 10.0 |
|---|---|
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
| 攻撃元区分(AV) | ネットワーク |
| 攻撃条件の複雑さ(AC) | 低 |
| 攻撃前の認証要否(Au) | 不要 |
| 機密性への影響(C) | 高 |
| 完全性への影響(I) | 高 |
| 可用性への影響(A) | 高 |
| Get all privileges. | はい |
| Get user privileges | いいえ |
| Get other privileges | いいえ |
| User operation required | いいえ |
| Configuration1 | or higher | or less | more than | less than | |
| cpe:2.3:a:mybb:mybb:1.0:beta4:*:*:*:*:*:* | |||||
| cpe:2.3:a:mybb:mybb:1.0:pr1:*:*:*:*:*:* | |||||
| cpe:2.3:a:mybb:mybb:1.0:pr2:*:*:*:*:*:* | |||||
| cpe:2.3:a:mybb:mybb:1.0:rc1:*:*:*:*:*:* | |||||
| cpe:2.3:a:mybb:mybb:1.0:rc2:*:*:*:*:*:* | |||||
| cpe:2.3:a:mybb:mybb:1.0:rc3:*:*:*:*:*:* | |||||
| cpe:2.3:a:mybb:mybb:1.0:rc4:*:*:*:*:*:* | |||||
| cpe:2.3:a:mybb:mybb:1.00:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:mybb:mybb:*:*:*:*:*:*:*:* | 1.01 | ||||