Micheal Cottingham

**Name of the Vulnerable Software and Affected Versions** MyBB versions 1.4.2 **Description** The issue arises from improper handling of uploaded files with nonstandard file types that contain HTML sequences, allowing remote attackers to cause these files to be processed as HTML. This could potentially be leveraged for cross-site scripting (XSS) and other attacks. **Recommendations** For version 1.4.2, update to a version that properly handles file uploads and MIME types to prevent HTML sequences in uploaded files from being executed.

**Name of the Vulnerable Software and Affected Versions** 3Com TippingPoint SMS Server versions prior to 2.2.1.4478 **Description** The issue concerns the web management interface, which fails to restrict access to certain directories. This could allow remote attackers to obtain potentially sensitive information, including configuration settings. **Recommendations** For versions prior to 2.2.1.4478, update to version 2.2.1.4478 or later to resolve the issue.