CVE-2010-4628

Name of the Vulnerable Software and Affected Versions MyBB versions prior to 1.4.12

Description The issue allows remote attackers to cause a denial of service by consuming resources, triggered by making requests to "member.php" that result in scans of the entire users table. This is due to a superfluous call to the SQL COUNT function.

Recommendations For versions prior to 1.4.12, update to version 1.4.12 or later to resolve the issue. As a temporary workaround, consider restricting access to the "member.php" file to minimize the risk of exploitation.