Directory traversal vulnerability in MyBB (aka MyBulletinBoard) 1.02 allows local users with MyBB administrative privileges to include and possibly execute arbitrary local files via directory traversal sequences and a nul (%00) character in the plugin parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mybulletinboard mybulletinboard 1.0.2 |