Description

MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allow remote attackers to obtain sensitive information by leveraging missing directory listing protection in upload directories.

Remediation

References

CVE-2016-9414

Related Vulnerabilities

MySQL CVE-2016-0596 Vulnerability (CVE-2016-0596)

TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2010-1153)

WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker Multiple SQL Injection Vulnerabilities (4.4.3)

WordPress Plugin Quick Restaurant Menu Multiple Vulnerabilities (2.0.2)

WordPress Plugin WPtouch 'wptouch_settings' Parameter Cross-Site Scripting (1.9.20)

Severity

High

Classification

CVE-2016-9414 CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities