Vulnerabilities > CVE-2007-1964 - Denial-Of-Service vulnerability in MyBulletinBoard
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
member.php in MyBB (aka MyBulletinBoard), when debug mode is available, allows remote authenticated users to change the password of any account by providing the account's registered e-mail address in a debug request for a do_lostpw action, which prints the change password verification code in the debug output.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 | |
Application | 1 |