Description

MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allow remote attackers to obtain the installation path via vectors involving error log files.

Remediation

References

CVE-2015-8977

Related Vulnerabilities

WordPress 5.5.x Multiple Vulnerabilities (5.5 - 5.5.12)

MySQL CVE-2020-14540 Vulnerability (CVE-2020-14540)

SharePoint Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2013-3889)

WordPress Plugin Chameleon CSS SQL Injection (1.2)

Nginx Out-of-bounds Write Vulnerability (CVE-2022-41741)

Severity

High

Classification

CVE-2015-8977 CWE-532 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities