CVE-2006-1345

Properties

Published:
20.03.2006
Updated:
23.03.2006
Patch available:
Severity:
Low
  • CVSS vector:
    (AV:R/AC:L/Au:NR/C:P/I:N/A:N/B:N)
    Product:
    MyBB: MyBB

    Vulnerability description

    polls.php in MyBB (aka MyBulletinBoard) 1.10 allows remote attackers to obtain sensitive information via a vote action with an"option[]=null" parameter value, which reveals the path in an error message.

    References:

    BUGTRAQ:http://www.securityfocus.com/archive/1/archive/1/428056/100/0/threaded