Back to search
CVE-2007-1964
Published: Apr 11, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
member.php in MyBB (aka MyBulletinBoard), when debug mode is available, allows remote authenticated users to change the password of any account by providing the account's registered e-mail address in a debug request for a do_lostpw action, which prints the change password verification code in the debug output.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20070330 Mybb Change Password Vulnerability
mailing-list
x_refsource_BUGTRAQ
mybb-debugmode-information-disclosure(33345)
vdb-entry
x_refsource_XF
2544
third-party-advisory
x_refsource_SREASON
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now