Vulnerability Details CVE-2016-9410
MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to obtain sensitive database information via vectors involving templates.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.012
EPSS Ranking 78.0%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- http://www.openwall.com/lists/oss-security/2016/11/10/8
- http://www.openwall.com/lists/oss-security/2016/11/18/1
- http://www.securityfocus.com/bid/94395
- https://blog.mybb.com/2016/03/11/mybb-1-8-7-merge-system-1-8-7-release/
- http://www.openwall.com/lists/oss-security/2016/11/10/8
- http://www.openwall.com/lists/oss-security/2016/11/18/1
- http://www.securityfocus.com/bid/94395
- https://blog.mybb.com/2016/03/11/mybb-1-8-7-merge-system-1-8-7-release/
Products affected by CVE-2016-9410
-
cpe:2.3:a:mybb:merge_system:1.8.5
-
cpe:2.3:a:mybb:mybb:1.0
-
cpe:2.3:a:mybb:mybb:1.0.2
-
cpe:2.3:a:mybb:mybb:1.00
-
cpe:2.3:a:mybb:mybb:1.01
-
cpe:2.3:a:mybb:mybb:1.02
-
cpe:2.3:a:mybb:mybb:1.03
-
cpe:2.3:a:mybb:mybb:1.04
-
cpe:2.3:a:mybb:mybb:1.1.0
-
cpe:2.3:a:mybb:mybb:1.1.1
-
cpe:2.3:a:mybb:mybb:1.1.2
-
cpe:2.3:a:mybb:mybb:1.1.3
-
cpe:2.3:a:mybb:mybb:1.1.4
-
cpe:2.3:a:mybb:mybb:1.1.5
-
cpe:2.3:a:mybb:mybb:1.1.6
-
cpe:2.3:a:mybb:mybb:1.1.7
-
cpe:2.3:a:mybb:mybb:1.1.8
-
cpe:2.3:a:mybb:mybb:1.2
-
cpe:2.3:a:mybb:mybb:1.2.0
-
cpe:2.3:a:mybb:mybb:1.2.1
-
cpe:2.3:a:mybb:mybb:1.2.10
-
cpe:2.3:a:mybb:mybb:1.2.11
-
cpe:2.3:a:mybb:mybb:1.2.12
-
cpe:2.3:a:mybb:mybb:1.2.13
-
cpe:2.3:a:mybb:mybb:1.2.14
-
cpe:2.3:a:mybb:mybb:1.2.2
-
cpe:2.3:a:mybb:mybb:1.2.3
-
cpe:2.3:a:mybb:mybb:1.2.4
-
cpe:2.3:a:mybb:mybb:1.2.5
-
cpe:2.3:a:mybb:mybb:1.2.6
-
cpe:2.3:a:mybb:mybb:1.2.7
-
cpe:2.3:a:mybb:mybb:1.2.8
-
cpe:2.3:a:mybb:mybb:1.2.9
-
cpe:2.3:a:mybb:mybb:1.3
-
cpe:2.3:a:mybb:mybb:1.4.0
-
cpe:2.3:a:mybb:mybb:1.4.1
-
cpe:2.3:a:mybb:mybb:1.4.10
-
cpe:2.3:a:mybb:mybb:1.4.11
-
cpe:2.3:a:mybb:mybb:1.4.12
-
cpe:2.3:a:mybb:mybb:1.4.13
-
cpe:2.3:a:mybb:mybb:1.4.14
-
cpe:2.3:a:mybb:mybb:1.4.15
-
cpe:2.3:a:mybb:mybb:1.4.16
-
cpe:2.3:a:mybb:mybb:1.4.2
-
cpe:2.3:a:mybb:mybb:1.4.3
-
cpe:2.3:a:mybb:mybb:1.4.4
-
cpe:2.3:a:mybb:mybb:1.4.5
-
cpe:2.3:a:mybb:mybb:1.4.6
-
cpe:2.3:a:mybb:mybb:1.4.7
-
cpe:2.3:a:mybb:mybb:1.4.8
-
cpe:2.3:a:mybb:mybb:1.4.9
-
cpe:2.3:a:mybb:mybb:1.5.1
-
cpe:2.3:a:mybb:mybb:1.5.2
-
cpe:2.3:a:mybb:mybb:1.6.0
-
cpe:2.3:a:mybb:mybb:1.6.1
-
cpe:2.3:a:mybb:mybb:1.6.10
-
cpe:2.3:a:mybb:mybb:1.6.11
-
cpe:2.3:a:mybb:mybb:1.6.12
-
cpe:2.3:a:mybb:mybb:1.6.13
-
cpe:2.3:a:mybb:mybb:1.6.14
-
cpe:2.3:a:mybb:mybb:1.6.15
-
cpe:2.3:a:mybb:mybb:1.6.16
-
cpe:2.3:a:mybb:mybb:1.6.17
-
cpe:2.3:a:mybb:mybb:1.6.18
-
cpe:2.3:a:mybb:mybb:1.6.2
-
cpe:2.3:a:mybb:mybb:1.6.3
-
cpe:2.3:a:mybb:mybb:1.6.4
-
cpe:2.3:a:mybb:mybb:1.6.5
-
cpe:2.3:a:mybb:mybb:1.6.6
-
cpe:2.3:a:mybb:mybb:1.6.7
-
cpe:2.3:a:mybb:mybb:1.6.8
-
cpe:2.3:a:mybb:mybb:1.6.9
-
cpe:2.3:a:mybb:mybb:1.8.0
-
cpe:2.3:a:mybb:mybb:1.8.1
-
cpe:2.3:a:mybb:mybb:1.8.2
-
cpe:2.3:a:mybb:mybb:1.8.3
-
cpe:2.3:a:mybb:mybb:1.8.4
-
cpe:2.3:a:mybb:mybb:1.8.5
-
cpe:2.3:a:mybb:mybb:1.8.6