Description

MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allow remote attackers to obtain the installation path via vectors involving error log files.

Remediation

References

CVE-2015-8977

Related Vulnerabilities

WordPress Plugin All-in-One WP Migration Multiple Cross-Site Request Forgery Vulnerabilities (7.1)

WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-2851)

PHP Uncontrolled Resource Consumption Vulnerability (CVE-2015-9253)

Joomla! Core 3.x.x Security Bypass (3.2.0 - 3.9.24)

MySQL CVE-2021-35596 Vulnerability (CVE-2021-35596)

Severity

High

Classification

CVE-2015-8977 CWE-532 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities