7 matches found
EUVD-2025-11802
Malicious code in bioql PyPI...
CVE-2025-29458
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Change Avatar function. NOTE: the Supplier disputes this because of the allowed actions of Board administrators and because of SSRF mitigation...
CVE-2025-29458
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Change Avatar function. NOTE: the Supplier disputes this because of the allowed actions of Board administrators and because of SSRF mitigation...
CVE-2025-29458
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Change Avatar function. NOTE: the Supplier disputes this because of the allowed actions of Board administrators and because of SSRF mitigation...
CVE-2025-29458
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Change Avatar function. NOTE: the Supplier disputes this because of the allowed actions of Board administrators and because of SSRF mitigation...
CVE-2025-29458
CVE-2025-29458 concerns MyBB 1.8.38. The vulnerability arises in the Change Avatar feature, which can allow a remote attacker to obtain sensitive information. Root cause: mishandling of Change Avatar functionality (per multiple sources); supplier disputes relate to administrator actions and SSRF ...
PT-2025-17240 · Mybb · Mybb
Name of the Vulnerable Software and Affected Versions: MyBB version 1.8.38 Description: An issue in MyBB allows a remote attacker to obtain sensitive information via the Change Avatar function. The supplier disputes this due to the allowed actions of Board administrators and SSRF mitigation...