Path Traversal Vulnerability Affects MH Board
CVE-2024-44017

7.5HIGH

Key Information:

Vendor: WordPress
Status: Mh Board
Vendor: CVE Published:; 2 October 2024

Summary

A vulnerability exists in MH Board developed by MinHyeong Lim, specifically a Path Traversal issue that enables PHP Local File Inclusion. This security flaw can allow unauthorized access to sensitive files on the server by exploiting improper limitations of a pathname to a restricted directory. The issue is present in various versions of MH Board up to 1.3.2.1, making it a significant concern for system administrators and users of this product.

Affected Version(s)

MH Board <= 1.3.2.1

References

https://patchstack.com/database/vulnerability/mh-board/wo...

vdb-entry

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 2, 2024
Vulnerability Reserved
Aug 18, 2024

Credit

tahu.datar (Patchstack Alliance)