CVE-2016-9414

Severity CVSS v4.0:
Pending analysis
Type:
CWE-200 Information Leak / Disclosure
Publication date:
31/01/2017
Last modified:
20/04/2025

Description

MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allow remote attackers to obtain sensitive information by leveraging missing directory listing protection in upload directories.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:mybb:merge_system:*:*:*:*:*:*:*:* 1.8.6 (including)
cpe:2.3:a:mybb:mybb:*:*:*:*:*:*:*:* 1.8.6 (including)