2 matches found
CVE-2008-4929
MyBB 1.4.2 stores attachments with filenames generated using insufficient randomness, allowing remote attackers to read files by guessing names. Affected component: attachment filename generation. Impact: partial confidentiality of attachment contents. Root cause: weak randomness in filename cons...
CVE-2008-4929
MyBB aka MyBulletinBoard 1.4.2 uses insufficient randomness to compose filenames of uploaded files used as attachments, which makes it easier for remote attackers to read these files by guessing filenames...