Описание
MyBB (aka MyBulletinBoard) 1.4.2 uses insufficient randomness to compose filenames of uploaded files used as attachments, which makes it easier for remote attackers to read these files by guessing filenames.
Ссылки
- Broken LinkExploit
- Broken LinkExploit
- ExploitMailing List
- Broken LinkThird Party AdvisoryVDB Entry
- Broken Link
- Broken LinkExploit
- Broken LinkExploit
- ExploitMailing List
- Broken LinkThird Party AdvisoryVDB Entry
- Broken Link
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:mybb:mybb:1.4.2:*:*:*:*:*:*:*
EPSS
Процентиль: 72%
0.00725
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-330
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
MyBB (aka MyBulletinBoard) 1.4.2 uses insufficient randomness to compose filenames of uploaded files used as attachments, which makes it easier for remote attackers to read these files by guessing filenames.
EPSS
Процентиль: 72%
0.00725
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-330