Description

MyBB (aka MyBulletinBoard) before 1.8.8 on Windows and MyBB Merge System before 1.8.8 on Windows allow remote attackers to overwrite arbitrary CSS files via vectors related to "style import."

Remediation

References

CVE-2016-9415

Related Vulnerabilities

ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2048)

PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-5624)

WordPress Plugin Zotpress 'zotpress.rss.php' SQL Injection (4.4)

WordPress Plugin My Chatbot Cross-Site Scripting (1.1)

Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-6211)

Severity

High

Classification

CVE-2016-9415 CWE-284 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities