CVE-2012-2327

MyBB (aka MyBulletinBoard) before 1.6.7 allows remote attackers to obtain sensitive information via a malformed forumread cookie, which reveals the installation path in an error message.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 54%
VendorProductVersion
mybbmybb
𝑥
≤ 1.6.6
mybbmybb
1.00
mybbmybb
1.0:beta4
mybbmybb
1.0:pr1
mybbmybb
1.0:pr2
mybbmybb
1.0:rc1
mybbmybb
1.0:rc2
mybbmybb
1.0:rc3
mybbmybb
1.0:rc4
mybbmybb
1.01
mybbmybb
1.1.0
mybbmybb
1.1.1
mybbmybb
1.1.2
mybbmybb
1.1.3
mybbmybb
1.1.4
mybbmybb
1.1.5
mybbmybb
1.1.6
mybbmybb
1.1.7
mybbmybb
1.1.8
mybbmybb
1.02
mybbmybb
1.2.0
mybbmybb
1.2.1
mybbmybb
1.2.2
mybbmybb
1.2.3
mybbmybb
1.2.4
mybbmybb
1.2.5
mybbmybb
1.2.6
mybbmybb
1.2.7
mybbmybb
1.2.8
mybbmybb
1.2.9
mybbmybb
1.2.10
mybbmybb
1.2.11
mybbmybb
1.2.12
mybbmybb
1.2.13
mybbmybb
1.2.14
mybbmybb
1.03
mybbmybb
1.3:pre-1.0
mybbmybb
1.04
mybbmybb
1.4.0
mybbmybb
1.4.1
mybbmybb
1.4.2
mybbmybb
1.4.3
mybbmybb
1.4.4
mybbmybb
1.4.5
mybbmybb
1.4.6
mybbmybb
1.4.7
mybbmybb
1.4.8
mybbmybb
1.4.9
mybbmybb
1.4.10
mybbmybb
1.4.11
mybbmybb
1.4.12
mybbmybb
1.4.13
mybbmybb
1.4.14
mybbmybb
1.4.15
mybbmybb
1.4.16
mybbmybb
1.5.1
mybbmybb
1.5.2
mybbmybb
1.6.1
mybbmybb
1.6.2
mybbmybb
1.6.3
mybbmybb
1.6.4
mybbmybb
1.6.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://blog.mybb.com/2012/04/01/mybb-1-6-7-update-1-8-development/
http://www.openwall.com/lists/oss-security/2012/05/07/13
http://www.openwall.com/lists/oss-security/2012/05/07/14
http://www.securityfocus.com/bid/53417
http://blog.mybb.com/2012/04/01/mybb-1-6-7-update-1-8-development/
http://www.openwall.com/lists/oss-security/2012/05/07/13
http://www.openwall.com/lists/oss-security/2012/05/07/14
http://www.securityfocus.com/bid/53417