Description
MyBB (aka MyBulletinBoard) before 1.4.12 does not properly handle a configuration with a visible forum that contains hidden threads, which allows remote attackers to obtain sensitive information by reading the Latest Threads block of the Portal Page.
Remediation
References
Related Vulnerabilities
MySQL CVE-2017-3644 Vulnerability (CVE-2017-3644)
MediaWiki Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2023-45363)
WordPress Plugin stm-megamenu Local File Inclusion (2.3.12)
WordPress Plugin Easy Table Cross-Site Scripting (1.6)
WordPress Plugin WordPress Popular Posts Cross-Site Scripting (3.3.2)