layerbb vulnerabilities and exploits

5.8
CVSSv2
CVE-2018-17996

LayerBB before 1.1.3 allows CSRF for adding a user via admin/new_user.php, deleting a user via admin/members.php/delete_user/, and deleting content via mod/delete.php/....

Layerbb
4.3
CVSSv2
CVE-2018-17997

LayerBB 1.1.1 allows XSS via the titles of conversations (PMs)....

Layerbb
7.5
CVSSv2
CVE-2018-17988

LayerBB 1.1.1 has SQL Injection via the search.php search_query parameter....

NA
CVE-2018-179961

LayerBB version 1.1.2 suffers from a cross site request forgery vulnerability....

NA
CVE-2019-76881

LayerBB version 1.1.2 suffers from a cross site scripting vulnerability....

NA
CVE-2018-179971

LayerBB version 1.1.1 suffers from a cross site scripting vulnerability....