VYPR
Unrated severityNVD Advisory· Published May 14, 2007· Updated Jun 16, 2026

CVE-2007-0689

CVE-2007-0689

Description

MyBB 1.2.4 allows remote attackers to obtain sensitive information via the (1) action[] parameter to member.php, (2) imagehash[] parameter to captcha.php, and (3) a direct request to inc/datahandlers/event.php, which reveal the installation path in the resulting error message.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • MyBB/Mybb2 versions
    cpe:2.3:a:mybb:mybb:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:mybb:mybb:*:*:*:*:*:*:*:*range: <=1.2.4
    • (no CPE)range: = 1.2.4

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.