MyBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9411)
Description
The Admin control panel in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to obtain the installation path via vectors involving sending mails.