Description
MyBB (aka MyBulletinBoard) 1.4.2 uses insufficient randomness to compose filenames of uploaded files used as attachments, which makes it easier for remote attackers to read these files by guessing filenames.
Remediation
References
Related Vulnerabilities
WordPress Plugin Chunks Cross-Site Scripting (1.1)
phpBB Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-6506)
WordPress Plugin User Domain Whitelist Multiple Vulnerabilities (1.4)
WordPress Plugin My Tickets Security Bypass (1.9.11)
Dot CMS Uncontrolled Recursion Vulnerability (CVE-2022-37034)