Information Disclosure Vulnerability in MyBB Admin Control Panel and Merge System

Information Disclosure Vulnerability in MyBB Admin Control Panel and Merge System

CVE-2016-9411 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The Admin control panel in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to obtain the installation path via vectors involving sending mails.

Learn more about our Web Application Penetration Testing UK.