Description
In MyBB before 1.8.11, the smilie module allows Directory Traversal via the pathfolder parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin NextScripts:Social Networks Auto-Poster Cross-Site Scripting (4.3.23)
phpMyFAQ Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2010-4558)
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9700)
Oracle Database Server CVE-2014-2408 Vulnerability (CVE-2014-2408)