icon

We found results for “

CVE-2009-4449

Good to know:

icon

Date: December 29, 2009

Directory traversal vulnerability in MyBB (aka MyBulletinBoard) 1.4.10, and possibly earlier versions, when changing the user avatar from the gallery, allows remote authenticated users to determine the existence of files via directory traversal sequences in the avatar and possibly the gallery parameters, related to (1) admin/modules/user/users.php and (2) usercp.php.

Language: PHP

Severity Score

Severity Score

Weakness Type (CWE)

Path Traversal

CWE-22

Top Fix

icon

Upgrade Version

Upgrade to version mybb_1410

Learn More

CVSS v2

Base Score:
Access Vector (AV): NETWORK
Access Complexity (AC): MEDIUM
Authentication (AU): SINGLE
Confidentiality (C): COMPLETE
Integrity (I): NONE
Availability (A): NONE
Additional information:

Do you need more information?

Contact Us