Description
MyBB before 1.8.33 allows Directory Traversal. The Admin CP Languages module allows remote authenticated users, with high privileges, to achieve local file inclusion and execution.
Remediation
References
Related Vulnerabilities
WordPress Plugin Wow Moodboard Lite Open Redirect (1.1.1.1)
MySQL CVE-2016-5443 Vulnerability (CVE-2016-5443)
WordPress Plugin Translate WordPress with GTranslate Open Redirect (2.8.10)
Drupal Core 4.6.x Security Bypass (4.6.0 - 4.6.3)
WordPress Plugin Add Link to Facebook Cross-Site Scripting (2.3)