CVE-2016-9410

MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to obtain sensitive database information via vectors involving templates.
References
Link Resource
http://www.openwall.com/lists/oss-security/2016/11/10/8 Mailing List Patch Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/11/18/1 Mailing List Patch Third Party Advisory
http://www.securityfocus.com/bid/94395 Third Party Advisory VDB Entry
https://blog.mybb.com/2016/03/11/mybb-1-8-7-merge-system-1-8-7-release/ Patch Third Party Advisory Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mybb:merge_system:*:*:*:*:*:*:*:*
cpe:2.3:a:mybb:mybb:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-01-31 22:59

Updated : 2024-02-04 19:11


NVD link : CVE-2016-9410

Mitre link : CVE-2016-9410

CVE.ORG link : CVE-2016-9410


JSON object : View

Products Affected

mybb

  • merge_system
  • mybb
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor