Description

MyBB (aka MyBulletinBoard) before 1.8.8 on Windows and MyBB Merge System before 1.8.8 on Windows allow remote attackers to overwrite arbitrary CSS files via vectors related to "style import."

Remediation

References

CVE-2016-9415

Related Vulnerabilities

WordPress Plugin Advanced Database Cleaner SQL Injection (3.0.1)

WordPress Plugin Tutor LMS-eLearning and online course solution Cross-Site Scripting (1.9.5)

WordPress Plugin Weather Effect-Christmas Santa Snow Falling Cross-Site Request Forgery (1.3.3)

WordPress Plugin Ultimate Membership Pro Cross-Site Request Forgery (8.6.1)

Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-9467)

Severity

High

Classification

CVE-2016-9415 CWE-284 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities