Description
MyBB (aka MyBulletinBoard) before 1.6.7 allows remote attackers to obtain sensitive information via a malformed forumread cookie, which reveals the installation path in an error message.
Remediation
References
Related Vulnerabilities
WordPress Plugin bbPress Cross-Site Scripting (2.5.9)
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.13)
WordPress Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2014-6412)
WordPress Plugin Lightweight Sidebar Manager Cross-Site Request Forgery (1.1.4)
Oracle Database Server CVE-2006-0286 Vulnerability (CVE-2006-0286)