cpe:/a:mybb:mybb:1.1.0 cpe:/a:mybb:mybb:1.1.1 cpe:/a:mybb:mybb:1.1.2 cpe:/a:mybb:mybb:1.1.3 cpe:/a:mybb:mybb:1.1.4 cpe:/a:mybb:mybb:1.1.5 cpe:/a:mybb:mybb:1.1.6 cpe:/a:mybb:mybb:1.1.7 cpe:/a:mybb:mybb:1.1.8 cpe:/a:mybb:mybb:1.2 cpe:/a:mybb:mybb:1.2.0 cpe:/a:mybb:mybb:1.2.1 cpe:/a:mybb:mybb:1.2.2 cpe:/a:mybb:mybb:1.2.3 cpe:/a:mybb:mybb:1.2.4 cpe:/a:mybb:mybb:1.2.5 cpe:/a:mybb:mybb:1.2.6 cpe:/a:mybb:mybb:1.2.7 cpe:/a:mybb:mybb:1.2.8 cpe:/a:mybb:mybb:1.2.9 cpe:/a:mybb:mybb:1.2.10 cpe:/a:mybb:mybb:1.2.11 cpe:/a:mybb:mybb:1.2.12 cpe:/a:mybb:mybb:1.2.13 cpe:/a:mybb:mybb:1.2.14 cpe:/a:mybb:mybb:1.3:pre-1.0 cpe:/a:mybb:mybb:1.4.0 cpe:/a:mybb:mybb:1.4.1 cpe:/a:mybb:mybb:1.4.2 cpe:/a:mybb:mybb:1.4.3 cpe:/a:mybb:mybb:1.4.4 cpe:/a:mybb:mybb:1.4.5 cpe:/a:mybb:mybb:1.4.6 cpe:/a:mybb:mybb:1.4.7 cpe:/a:mybb:mybb:1.4.8 cpe:/a:mybb:mybb:1.4.9 cpe:/a:mybb:mybb:1.4.10 cpe:/a:mybb:mybb:1.4.11 cpe:/a:mybb:mybb:1.4.12 cpe:/a:mybb:mybb:1.4.13 cpe:/a:mybb:mybb:1.4.14 cpe:/a:mybb:mybb:1.4.15 cpe:/a:mybb:mybb:1.4.16 cpe:/a:mybb:mybb:1.5.1 cpe:/a:mybb:mybb:1.5.2 cpe:/a:mybb:mybb:1.6.0 cpe:/a:mybb:mybb:1.6.1 cpe:/a:mybb:mybb:1.6.2 cpe:/a:mybb:mybb:1.6.3 cpe:/a:mybb:mybb:1.6.4 CVE-2011-5131 2012-08-30T18:55:04.137-04:00 2017-08-28T21:30:41.693-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2012-08-31T10:56:00.000-04:00 SECUNIA 46951 BID 50816 OSVDB 77327 CONFIRM http://blog.mybb.com/2011/11/25/mybb-1-6-5-released-feature-update-security-maintenance-release/ CONFIRM http://dev.mybb.com/issues/1729 XF mybb-language-setting-csrf(71462) Cross-site request forgery (CSRF) vulnerability in global.php in MyBB before 1.6.5 allows remote attackers to hijack the authentication of a user for requests that change the user's language via the language parameter.