Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Mybb-2fa Project Subscribe
Filtered by product Mybb-2fa
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-12363 1 Mybb-2fa Project 1 Mybb-2fa 2019-07-17 6.8 MEDIUM 8.8 HIGH
An CSRF issue was discovered in the JN-Jones MyBB-2FA plugin through 2014-11-05 for MyBB. An attacker can forge a request to an installed mybb2fa plugin to control its state via usercp.php?action=mybb2fa&do=deactivate (or usercp.php?action=mybb2fa&do=activate). A deactivate operation lowers the security of the targeted account by disabling two factor authentication.