Description
MyBB (aka MyBulletinBoard) before 1.6.7 allows remote attackers to obtain sensitive information via a malformed forumread cookie, which reveals the installation path in an error message.
Remediation
References
Related Vulnerabilities
Oracle HTTP Server Integer Overflow or Wraparound Vulnerability (CVE-2022-22721)
WordPress Plugin Advanced Custom Fields (ACF) Information Disclosure (6.0.2)
WordPress Plugin Catch Scroll Progress Bar Security Bypass (1.5)
Moodle URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-14831)
WordPress Plugin Age Gate Unspecified Vulnerability (2.18.5)