MyBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9414)
Description
MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allow remote attackers to obtain sensitive information by leveraging missing directory listing protection in upload directories.