CVE-2011-10018

CRITICAL

myBB 1.6.4 - Code Injection

Description

myBB version 1.6.4 was distributed with an unauthorized backdoor embedded in the source code. The backdoor allowed remote attackers to execute arbitrary PHP code by injecting payloads into a specially crafted "collapsed" cookie. The backdoor was introduced during packaging and was not part of the intended application logic. Exploitation requires no authentication and results in full compromise of the web server in the context of the web application.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby, webapps, php
https://www.exploit-db.com/exploits/17949

metasploit WORKING POC EXCELLENT
by tdz · ruby, poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/mybb_backdoor.rb

Scores

CVSS v3 9.8
EPSS 0.5300
EPSS Percentile 97.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE
CWE-912 CWE-94
Status published

Affected Products (1)

mybb/mybb

Timeline

Published Aug 13, 2025
Tracked Since Feb 18, 2026