MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to obtain sensitive database information via vectors involving templates.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2016/11/10/8 | Mailing List Patch Third Party Advisory |
http://www.openwall.com/lists/oss-security/2016/11/18/1 | Mailing List Patch Third Party Advisory |
http://www.securityfocus.com/bid/94395 | Third Party Advisory VDB Entry |
https://blog.mybb.com/2016/03/11/mybb-1-8-7-merge-system-1-8-7-release/ | Patch Third Party Advisory Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2017-01-31 22:59
Updated : 2024-02-04 19:11
NVD link : CVE-2016-9410
Mitre link : CVE-2016-9410
CVE.ORG link : CVE-2016-9410
JSON object : View
Products Affected
mybb
- merge_system
- mybb
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor