CVE-2008-0788

Multiple cross-site request forgery (CSRF) vulnerabilities in MyBB 1.2.11 and earlier allow remote attackers to (1) hijack the authentication of moderators or administrators for requests that delete threads via a do_multideletethreads action to moderation.php and (2) hijack the authentication of arbitrary users for requests that delete private messages (PM) via a delete action to private.php.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:mybb:mybb:*:*:*:*:*:*:*:*

Information

Published : 2008-02-14 17:00

Updated : 2009-08-19 21:00


NVD link : CVE-2008-0788

Mitre link : CVE-2008-0788


JSON object : View

CWE
CWE-352

Cross-Site Request Forgery (CSRF)

Advertisement

dedicated server usa

Products Affected

mybb

  • mybb