Description

MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allow remote attackers to obtain sensitive information by leveraging missing directory listing protection in upload directories.

Remediation

References

CVE-2016-9414

Related Vulnerabilities

WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.23)

WordPress Plugin Backup Migration Remote Code Execution (1.3.7)

WordPress Plugin Catch Themes Demo Import Security Bypass (1.5)

Dolibarr Improper Privilege Management Vulnerability (CVE-2020-14201)

WordPress Plugin Archivist-Custom Archive Templates Multiple Vulnerabilities (1.7.4)

Severity

High

Classification

CVE-2016-9414 CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities