Description

MyBB (aka MyBulletinBoard) before 1.8.8 on Windows and MyBB Merge System before 1.8.8 on Windows might allow remote attackers to obtain sensitive information from ACP backups via vectors involving a short name.

Remediation

References

CVE-2016-9418

Related Vulnerabilities

Werkzeug WSGI Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-49767)

PHP Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2007-0455)

WordPress Plugin WP SVG Icons Cross-Site Request Forgery (3.2.1)

WordPress Plugin Limit Login Attempts Reloaded Cross-Site Scripting (2.7.0)

WordPress Plugin ImageDrop 'ImageDrop.php' Blind SQL Injection (1.1.2)

Severity

High

Classification

CVE-2016-9418 CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities