Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
myBB 1.6.4 Backdoor Arbitrary Command Execution
Vulnerability Description
myBB version 1.6.4 was distributed with an unauthorized backdoor embedded in the source code. The backdoor allowed remote attackers to execute arbitrary PHP code by injecting payloads into a specially crafted collapsed cookie. This vulnerability was introduced during packaging and was not part of the intended application logic. Exploitation requires no authentication and results in full compromise of the web server under the context of the web application.
CVSS Information
N/A
Vulnerability Type
隐藏功能
Vulnerability Title
MyBB 安全漏洞
Vulnerability Description
MyBB(MyBulletinBoard)是MyBB团队的一套用PHP和MySQL开发的免费且基于Web的论坛软件。该软件具有简单易用、支持多国语言、可扩展等特点。 MyBB 1.6.4版本存在安全漏洞,该漏洞源于源代码中嵌入后门,可能导致远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A