Описание
MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allow remote attackers to obtain sensitive information by leveraging missing directory listing protection in upload directories.
Ссылки
- Mailing ListPatchThird Party Advisory
- Mailing ListPatchThird Party Advisory
- Third Party AdvisoryVDB Entry
- PatchThird Party AdvisoryVendor Advisory
- Mailing ListPatchThird Party Advisory
- Mailing ListPatchThird Party Advisory
- Third Party AdvisoryVDB Entry
- PatchThird Party AdvisoryVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.8.6 (включая)Версия до 1.8.6 (включая)
Одно из
cpe:2.3:a:mybb:merge_system:*:*:*:*:*:*:*:*
cpe:2.3:a:mybb:mybb:*:*:*:*:*:*:*:*
EPSS
Процентиль: 79%
0.01218
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allow remote attackers to obtain sensitive information by leveraging missing directory listing protection in upload directories.
EPSS
Процентиль: 79%
0.01218
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-200