Описание
inc/functions_time.php in MyBB (aka MyBulletinBoard) 1.4.10, and possibly earlier versions, allows remote attackers to cause a denial of service (CPU consumption) via a crafted request with a large year value, which triggers a long loop, as reachable through member.php and possibly other vectors.
Ссылки
- Patch
- Patch
- Vendor Advisory
- Patch
- Patch
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:mybb:mybb:1.4.10:*:*:*:*:*:*:*
EPSS
Процентиль: 79%
0.01238
Низкий
5 Medium
CVSS2
Дефекты
CWE-399
Связанные уязвимости
github
почти 4 года назад
inc/functions_time.php in MyBB (aka MyBulletinBoard) 1.4.10, and possibly earlier versions, allows remote attackers to cause a denial of service (CPU consumption) via a crafted request with a large year value, which triggers a long loop, as reachable through member.php and possibly other vectors.
EPSS
Процентиль: 79%
0.01238
Низкий
5 Medium
CVSS2
Дефекты
CWE-399