CVE-2022-45867 Information

Description

MyBB before 1.8.33 allows Directory Traversal. The Admin CP Languages module allows remote authenticated users with high privileges to achieve local file inclusion and execution.

Reference

https://github.com/mybb/mybb/security/advisories/GHSA-cpfv-6f8w-759r