Description

MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allow remote attackers to obtain the installation path via vectors involving error log files.

Remediation

References

CVE-2015-8977

Related Vulnerabilities

Oracle Database Server CVE-2021-2173 Vulnerability (CVE-2021-2173)

MySQL CVE-2018-3285 Vulnerability (CVE-2018-3285)

WordPress Plugin Fusion:Extension-Map Multiple Unspecified Vulnerabilities (1.0.3)

WordPress Plugin WP Symposium Open Redirect (13.04)

WordPress Plugin AppPresser-Mobile App Framework Security Bypass (4.3.2)

Severity

High

Classification

CVE-2015-8977 CWE-532 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities