Information Disclosure: Installation Path Exposure in MyBB

Information Disclosure: Installation Path Exposure in MyBB

CVE-2015-8977 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allow remote attackers to obtain the installation path via vectors involving error log files.

Learn more about our Web Application Penetration Testing UK.