Description In MyBB before 1.8.11, the smilie module allows Directory Traversal via the pathfolder parameter. Remediation References CVE-2017-8104 Related Vulnerabilities Nginx Off-by-one Error Vulnerability (CVE-2021-23017) TYPO3 Other Vulnerability (CVE-2012-1605) TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4855) WordPress Plugin Orbit Fox by ThemeIsle Multiple Vulnerabilities (2.10.2) Oracle HTTP Server Out-of-bounds Read Vulnerability (CVE-2021-4183) Severity Medium Classification CVE-2017-8104 CWE-22 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Tags Missing Update Known Vulnerabilities