MyBB Merge System 1.8.7

CPE Details

MyBB Merge System 1.8.7
mybb
merge_system
1.8.7
2017-02-02
17h55 +00:00
2021-07-01
12h02 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:mybb:merge_system:1.8.7:*:*:*:*:*:*:*

Informations

Vendor

mybb

Product

merge_system

Version

1.8.7

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2016-9415 2017-01-31 21h00 +00:00 MyBB (aka MyBulletinBoard) before 1.8.8 on Windows and MyBB Merge System before 1.8.8 on Windows allow remote attackers to overwrite arbitrary CSS files via vectors related to "style import."
7.5
Haute
CVE-2016-9416 2017-01-31 21h00 +00:00 SQL injection vulnerability in the users data handler in MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
9.8
Critique
CVE-2016-9417 2017-01-31 21h00 +00:00 The fetch_remote_file function in MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 allows remote attackers to conduct server-side request forgery (SSRF) attacks via unspecified vectors.
7.4
Haute
CVE-2016-9418 2017-01-31 21h00 +00:00 MyBB (aka MyBulletinBoard) before 1.8.8 on Windows and MyBB Merge System before 1.8.8 on Windows might allow remote attackers to obtain sensitive information from ACP backups via vectors involving a short name.
7.5
Haute
CVE-2016-9420 2017-01-31 21h00 +00:00 MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 allow remote attackers to have unspecified impact via vectors related to "loose comparison false positives."
9.8
Critique
CVE-2016-9421 2017-01-31 21h00 +00:00 Cross-site scripting (XSS) vulnerability in the Users module in the Admin control panel in MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
6.1
Moyen