VYPR
Unrated severityNVD Advisory· Published May 1, 2024· Updated Aug 1, 2024

Backups directory .htaccess deletion in. MyBB

CVE-2024-23335

Description

MyBB is a free and open source forum software. The backup management module of the Admin CP may accept .htaccess as the name of the backup file to be deleted, which may expose the stored backup files over HTTP on Apache servers. MyBB 1.8.38 resolves this issue. Users are advised to upgrade. There are no known workarounds for this vulnerability

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • MyBB/Mybbllm-fuzzy2 versions
    <=1.8.37+ 1 more
    • (no CPE)range: <=1.8.37
    • (no CPE)range: < 1.8.38

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.