Family: CGI abuses --> Category: attack
MyBB Global Variable Overwrite Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Checks for globals.php SQL injection vulnerability in MyBB
Detailed Explanation for this Vulnerability Test
The remote web server contains a PHP application that is affected by a
global variable overwrite vulnerability.
The remote version of MyBB does not properly initialize global
variables in the 'global.php' and 'inc/init.php' scripts. An
unauthenticated attacker can leverage this issue to overwrite global
variables through GET and POST requests and launch other attacks
against the affected application.
See also :
Upgrade to MyBB 1.1.1 or later.
High / CVSS Base Score : 7
Click HERE for more information and discussions on this network vulnerability scan.