Description

MyBB (aka MyBulletinBoard) before 1.8.8 on Windows and MyBB Merge System before 1.8.8 on Windows allow remote attackers to overwrite arbitrary CSS files via vectors related to "style import."

Remediation

References

CVE-2016-9415

Related Vulnerabilities

WordPress Plugin InBoundio Marketing Arbitrary File Upload (2.0.3)

Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3093)

Django Uncontrolled Resource Consumption Vulnerability (CVE-2023-24580)

PHP Numeric Errors Vulnerability (CVE-2015-7804)

WordPress Plugin Share and Follow 'admin.php' Cross-Site Scripting (1.80.3)

Severity

High

Classification

CVE-2016-9415 CWE-284 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities