Описание
member.php in MyBB (aka MyBulletinBoard), when debug mode is available, allows remote authenticated users to change the password of any account by providing the account's registered e-mail address in a debug request for a do_lostpw action, which prints the change password verification code in the debug output.
Ссылки
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:mybb:mybb:1.2.5:*:*:*:*:*:*:*
cpe:2.3:a:mybulletinboard:mybulletinboard:1.2.5:*:*:*:*:*:*:*
EPSS
Процентиль: 71%
0.00679
Низкий
6 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
member.php in MyBB (aka MyBulletinBoard), when debug mode is available, allows remote authenticated users to change the password of any account by providing the account's registered e-mail address in a debug request for a do_lostpw action, which prints the change password verification code in the debug output.
EPSS
Процентиль: 71%
0.00679
Низкий
6 Medium
CVSS2
Дефекты
NVD-CWE-Other