CVE-2006-0494 Information

Description

Directory traversal vulnerability in MyBB (aka MyBulletinBoard) 1.02 allows local users with MyBB administrative privileges to include and possibly execute arbitrary local files via directory traversal sequences and a nul (00) character in the plugin parameter.

Reference

http://www.securityfocus.com/archive/1/423465/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/24461