Description

MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allow remote attackers to obtain sensitive information by leveraging missing directory listing protection in upload directories.

Remediation

References

CVE-2016-9414

Related Vulnerabilities

WordPress Plugin IBPS Online Exam Multiple Vulnerabilities (1.0)

concrete5 Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-22958)

PHPFusion Multiple SQL Injection Vulnerabilities (CVE-2014-8596)

WordPress Resource Management Errors Vulnerability (CVE-2014-5266)

WordPress Plugin WP Gravity Forms Insightly Cross-Site Scripting (1.0.6)

Severity

High

Classification

CVE-2016-9414 CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities