Vulnerability Details : CVE-2010-4624
MyBB (aka MyBulletinBoard) before 1.4.12 allows remote authenticated users to bypass intended restrictions on the number of [img] MyCodes by editing a post after it has been created.
Exploit prediction scoring system (EPSS) score for CVE-2010-4624
Probability of exploitation activity in the next 30 days: 0.19%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 55 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2010-4624
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
3.5
|
LOW | AV:N/AC:M/Au:S/C:N/I:P/A:N |
6.8
|
2.9
|
NIST |
CWE ids for CVE-2010-4624
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2010-4624
-
http://openwall.com/lists/oss-security/2010/10/08/7
oss-security - CVE request: mybb before 1.4.11 and before 1.4.12
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/64518
MyBB MyCodes security bypass CVE-2010-4624 Vulnerability Report
-
http://dev.mybboard.net/issues/728
-
http://openwall.com/lists/oss-security/2010/12/06/2
oss-security - Re: CVE request: mybb before 1.4.11 and before 1.4.12
-
http://blog.mybb.com/2010/04/13/mybb-1-4-12-released-security-maintenance-update/
MyBB 1.4.12 Released – Security & Maintenance Update | MyBB BlogPatch;Vendor Advisory
-
http://openwall.com/lists/oss-security/2010/10/11/8
oss-security - Re: CVE request: mybb before 1.4.11 and before 1.4.12
Products affected by CVE-2010-4624
- cpe:2.3:a:mybb:mybb:*:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.00:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.04:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.01:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.2.10:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.2.11:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.2.8:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.2.9:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.02:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.03:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.2.12:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.2.13:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.4.10:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.4.9:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.4.8:*:*:*:*:*:*:*
- cpe:2.3:a:mybb:mybb:1.4.6:*:*:*:*:*:*:*