Description

MyBB (aka MyBulletinBoard) before 1.8.8 on Windows and MyBB Merge System before 1.8.8 on Windows allow remote attackers to overwrite arbitrary CSS files via vectors related to "style import."

Remediation

References

CVE-2016-9415

Related Vulnerabilities

WordPress Plugin Accept Donations with PayPal Cross-Site Request Forgery (1.3.3)

concrete5 Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-22958)

Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-5539)

WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.22)

WordPress Plugin Woocommerce CSV importer Arbitrary File Deletion (3.3.6)

Severity

High

Classification

CVE-2016-9415 CWE-284 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities