Description In MyBB before 1.8.11, the smilie module allows Directory Traversal via the pathfolder parameter. Remediation References CVE-2017-8104 Related Vulnerabilities Java Unspesificed Vulnerability (CVE-2018-2941) MyBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2017-7566) WordPress Plugin Flexible Checkout Fields for WooCommerce Security Bypass (2.3.1) WordPress Plugin Contact Form by BestWebSoft Cross-Site Scripting (4.0.5) MySQL CVE-2018-2667 Vulnerability (CVE-2018-2667) Severity Medium Classification CVE-2017-8104 CWE-22 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Tags Missing Update Known Vulnerabilities