Security Advisory

CVE-2010-4626

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2010-12-30 20:00:00

Last updated 2024-08-07 03:51:17

Assigner mitre

State PUBLISHED

Description

The my_rand function in functions.php in MyBB (aka MyBulletinBoard) before 1.4.12 does not properly use the PHP mt_rand function, which makes it easier for remote attackers to obtain access to an arbitrary account by requesting a reset of the accounts password, and then conducting a brute-force attack.

← Browse all CVEs View on cve.org ↗