Description

MyBB (aka MyBulletinBoard) before 1.6.7 allows remote attackers to obtain sensitive information via a malformed forumread cookie, which reveals the installation path in an error message.

Remediation

References

CVE-2012-2327

Related Vulnerabilities

WordPress Plugin Modern Events Calendar Lite Cross-Site Scripting (5.22.2)

WordPress Plugin Daily Prayer Time Cross-Site Request Forgery (2023.03.08)

Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-3325)

WordPress Plugin Helpful Cross-Site Scripting (4.4.58)

WordPress Plugin Broadcast Live Video-Live Streaming:HTML5, WebRTC, HLS, RTSP, RTMP Cross-Site Scripting (4.27.2)

Severity

Medium

Classification

CVE-2012-2327 CWE-200

Tags

Missing Update Known Vulnerabilities