Description
MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allow remote attackers to obtain sensitive information by leveraging missing directory listing protection in upload directories.
Remediation
References
Related Vulnerabilities
WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.23)
WordPress Plugin Backup Migration Remote Code Execution (1.3.7)
WordPress Plugin Catch Themes Demo Import Security Bypass (1.5)
Dolibarr Improper Privilege Management Vulnerability (CVE-2020-14201)
WordPress Plugin Archivist-Custom Archive Templates Multiple Vulnerabilities (1.7.4)