CVE-2024-23335

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-23335
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-23335.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-23335
Related
  • GHSA-94xr-g4ww-j47r
Published
2024-05-01T07:15:38Z
Modified
2025-01-08T15:49:14.519358Z
Summary
[none]
Details

MyBB is a free and open source forum software. The backup management module of the Admin CP may accept .htaccess as the name of the backup file to be deleted, which may expose the stored backup files over HTTP on Apache servers. MyBB 1.8.38 resolves this issue. Users are advised to upgrade. There are no known workarounds for this vulnerability

References

Affected packages

Git / github.com/mybb/mybb

Affected ranges

Type
GIT
Repo
https://github.com/mybb/mybb
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed

Affected versions

Other

mybb_1800
mybb_1801
mybb_1804
mybb_1805
mybb_1806
mybb_1807
mybb_1808
mybb_1809
mybb_1810
mybb_1811
mybb_1812
mybb_1813
mybb_1814
mybb_1815
mybb_1815_build
mybb_1816
mybb_1816_build
mybb_1817
mybb_1817_build
mybb_1818
mybb_1818_build
mybb_1819
mybb_1819_build
mybb_1820
mybb_1820-rc
mybb_1820_build
mybb_1821
mybb_1821_build
mybb_1821pl1
mybb_1822
mybb_1822_build
mybb_1823
mybb_1823_build
mybb_1824
mybb_1825
mybb_1826
mybb_1827
mybb_1827_build
mybb_1828
mybb_1828_build
mybb_1829
mybb_1830
mybb_1831
mybb_1831_build
mybb_1832
mybb_1832_build
mybb_1833
mybb_1833_build
mybb_1834
mybb_1834_build
mybb_1835
mybb_1835_build
mybb_1836
mybb_1837
mybb_1837_build
mybb_1838_build