CVE-2022-45867

Description

MyBB before 1.8.33 allows Directory Traversal. The Admin CP Languages module allows remote authenticated users, with high privileges, to achieve local file inclusion and execution.

CVSS Version 3.1

nvd
CVE ID: CVE-2022-45867
Base Score: 7.2
Base Severity: HIGH
Vector String:CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 1.2

Refrence: NVD

Description​

Description