Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
MyBB (aka MyBulletinBoard) 1.4.2 uses insufficient randomness to compose filenames of uploaded files used as attachments, which makes it easier for remote attackers to read these files by guessing filenames.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MyBB 消息附件可预测文件名漏洞
Vulnerability Description
MyBB是一款流行的Web论坛程序。 在某些运行MyBB的服务器上,攻击者可以较容易的猜测到上传文件的文件名。有漏洞的代码段为: $filename = "post_".$mybb->user['uid']."_".time().".attach"; 这段代码创建以下形式的文件名:post_1234_[unix timestamp].attach. 如果知道了用户ID和张贴时间,就可以轻易的猜测到文件名,并绕过任何类型的MIME嗅探保护;此外这还可能导致权限提升,因为无论用户权限如何都可以读取附件。
CVSS Information
N/A
Vulnerability Type
N/A