Description
MyBB (aka MyBulletinBoard) 1.4.2 uses insufficient randomness to compose filenames of uploaded files used as attachments, which makes it easier for remote attackers to read these files by guessing filenames.
Remediation
References
Related Vulnerabilities
SugarCRM Gain Sensitive Information Vulnerability (CVE-2004-1226)
Oracle Database Server CVE-2006-1875 Vulnerability (CVE-2006-1875)
ZenCart Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-4322)
MySQL CVE-2017-10279 Vulnerability (CVE-2017-10279)
WordPress Plugin Font-official webfonts plugin of Fonts For Web Directory Traversal (7.5)