5
CVE-2010-4625
- EPSS 2.22%
- Veröffentlicht 30.12.2010 21:00:02
- Zuletzt bearbeitet 16.06.2026 23:25:11
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
MyBB (aka MyBulletinBoard) before 1.4.12 does not properly handle a configuration with a visible forum that contains hidden threads, which allows remote attackers to obtain sensitive information by reading the Latest Threads block of the Portal Page.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.22% | 0.804 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
http://openwall.com/lists/oss-security/2010/10/08/7
http://openwall.com/lists/oss-security/2010/10/11/8
http://openwall.com/lists/oss-security/2010/12/06/2
http://blog.mybb.com/2010/04/13/mybb-1-4-12-released-security-maintenance-update/
http://community.mybb.com/thread-66255.html
http://dev.mybboard.net/issues/809
https://exchange.xforce.ibmcloud.com/vulnerabilities/64517