CVE-2018-1000503
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-1000503
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
MyBB Group MyBB contains a Incorrect Access Control vulnerability in Private forums that can result in Users can view posts from private forums without having the password. This attack appear to be exploitable via Subscribe to a forum through IDOR. This vulnerability appears to have been fixed in 1.8.15.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
MyBB Group MyBB 访问控制错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
MyBB(又名MyBulletinBoard)是MyBB团队开发的一套用PHP和MySQL开发的免费且基于Web的论坛软件。该软件具有简单易用、支持多国语言、可扩展等特点。 MyBB Group MyBB中的私人论坛存在访问控制错误漏洞。攻击者可通过IDOR订阅论坛利用该漏洞无需密码查看私人论坛的帖子。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2018-1000503
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2018-1000503
请登录查看更多情报信息。
Same Patch Batch · n/a · 2018-06-26 · 86 CVEs total
| CVE-2018-1000532 | beep 安全漏洞 | |
| CVE-2018-1000528 | GONICUS Gosa 跨站脚本漏洞 | |
| CVE-2018-1000529 | Grails Fields插件跨站脚本漏洞 | |
| CVE-2018-1000527 | Froxlor 代码问题漏洞 | |
| CVE-2018-1000524 | miniSphere 数字错误漏洞 | |
| CVE-2018-1000523 | topydo 输入验证漏洞 | |
| CVE-2018-1000521 | Fastspot BigTree CMS 跨站脚本漏洞 | |
| CVE-2018-1000520 | ARM mbedTLS 安全漏洞 | |
| CVE-2018-1000519 | aio-libs aiohttp-session 安全漏洞 | |
| CVE-2018-1000525 | OpenPSA 代码问题漏洞 | |
| CVE-2018-1000531 | inversoft prime-jwt 输入验证漏洞 | |
| CVE-2018-1000533 | klaussilveira GitList 安全漏洞 | |
| CVE-2018-1000534 | Joplin 跨站脚本漏洞 | |
| CVE-2018-1000535 | LMS 安全漏洞 | |
| CVE-2018-1000536 | Medis 跨站脚本漏洞 | |
| CVE-2018-1000537 | Marlin 缓冲区错误漏洞 | |
| CVE-2018-1000538 | Minio S3 server 安全漏洞 | |
| CVE-2018-1000539 | Nov json-jwt 安全漏洞 | |
| CVE-2018-1000540 | LoboEvolution 安全漏洞 | |
| CVE-2018-1000542 | netbeans-mmd-plugin 安全漏洞 |
Showing top 20 of 86 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-2018-1000503
No comments yet