Unrated severityNVD Advisory· Published May 1, 2024· Updated Aug 1, 2024
Backups directory .htaccess deletion in. MyBB
CVE-2024-23335
Description
MyBB is a free and open source forum software. The backup management module of the Admin CP may accept .htaccess as the name of the backup file to be deleted, which may expose the stored backup files over HTTP on Apache servers. MyBB 1.8.38 resolves this issue. Users are advised to upgrade. There are no known workarounds for this vulnerability
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
3- github.com/mybb/mybb/commit/450259e501b94c9d483efb167cb2bf875605e111.patchmitrex_refsource_MISC
- github.com/mybb/mybb/security/advisories/GHSA-94xr-g4ww-j47rmitrex_refsource_CONFIRM
- mybb.com/versions/1.8.38mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.