4 matches found
CVE-2025-29457
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Import a Theme function. NOTE: the Supplier disputes this because of the allowed actions of Board administrators and because of SSRF mitigation...
CVE-2025-29457
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Import a Theme function. NOTE: the Supplier disputes this because of the allowed actions of Board administrators and because of SSRF mitigation...
CVE-2025-29457
creationtimestamp| type| source ---|---|--- 2025-04-17 21:58:16+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/12360 2025-04-17 22:53:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ln274pksl32q 2025-04-18 03:12:07+00:00| seen|...
CVE-2025-29457
CVE-2025-29457 affects MyBB 1.8.38 via the Import a Theme function, enabling a remote attacker to obtain sensitive information. The supplier disputes the issue due to board administrator actions and SSRF mitigation. Public details confirm the vulnerability in the MyBB 1.8.38 import mechanism; no ...