CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Mybb-2fa Project: >> Mybb-2fa >> 2014-11-05 Security Vulnerabilities

CVE-2019-12363

An CSRF issue was discovered in the JN-Jones MyBB-2FA plugin through 2014-11-05 for MyBB. An attacker can forge a request to an installed mybb2fa plugin to control its state via usercp.php?action=mybb2fa&do=deactivate (or usercp.php?action=mybb2fa&do=activate). A deactivate operation lowers the security of the targeted account by disabling two factor authentication.

CVSS Score

8.8

EPSS Score

0.001

Published

2019-07-11

Page 1

Vulnerabilities

Vulnerable Software

Mybb-2fa Project: >> Mybb-2fa >> 2014-11-05 Security Vulnerabilities

Products

Pricing

Contact Us