Description

A JSON library in MyBB (aka MyBulletinBoard) before 1.8.4 allows remote attackers to obtain the installation path via unknown vectors.

Remediation

References

CVE-2015-2335

Related Vulnerabilities

WordPress Plugin MasterStudy LMS-for Online Courses and Education SQL Injection (3.2.5)

WordPress Plugin Simple Image Sizes Unspecified Vulnerability (2.2.4)

Magento Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2019-8232)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6106)

WordPress Plugin WP-Forum 'forum_feed.php' SQL Injection (1.7.8)

Severity

Medium

Classification

CVE-2015-2335 CWE-200

Tags

Missing Update Known Vulnerabilities