Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mybb mybb 1.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-0218
Multiple unspecified vulnerabilities in MyBulletinBoard (MyBB) prior to 1.0.2 have unspecified impact and attack vectors, related to (1) admin/moderate.php, (2) admin/themes.php, (3) inc/functions.php, (4) inc/functions_upload.php, (5) printthread.php, and (6) usercp.php, and pro...
Mybb Mybb 1.0
Mybb Mybb
Mybb Mybb 1.00
NA
CVE-2005-4199
Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) prior to 1.0 allow remote malicious users to execute arbitrary SQL commands via the (1) month, (2) day, and (3) year parameters in an addevent action in calendar.php; (4) threadmode and (5) showcodebuttons in an opt...
Mybb Mybb 1.0
Mybb Mybb
NA
CVE-2012-2325
SQL injection vulnerability in the User Inline Moderation feature in the Admin Control Panel (ACP) in MyBB (aka MyBulletinBoard) prior to 1.6.7 allows remote administrators to execute arbitrary SQL commands via unspecified vectors.
Mybb Mybb 1.4.10
Mybb Mybb 1.4.9
Mybb Mybb 1.4.8
Mybb Mybb 1.4.7
Mybb Mybb 1.2.11
Mybb Mybb 1.2.10
Mybb Mybb
Mybb Mybb 1.6.4
Mybb Mybb 1.4.13
Mybb Mybb 1.4.11
Mybb Mybb 1.4.6
Mybb Mybb 1.4.4
Mybb Mybb 1.3
Mybb Mybb 1.2.13
Mybb Mybb 1.2.6
Mybb Mybb 1.2.4
Mybb Mybb 1.1.8
Mybb Mybb 1.1.6
Mybb Mybb 1.04
Mybb Mybb 1.02
Mybb Mybb 1.0
Mybb Mybb 1.2.9
NA
CVE-2012-2327
MyBB (aka MyBulletinBoard) prior to 1.6.7 allows remote malicious users to obtain sensitive information via a malformed forumread cookie, which reveals the installation path in an error message.
Mybb Mybb 1.6.5
Mybb Mybb 1.4.14
Mybb Mybb 1.4.12
Mybb Mybb 1.4.7
Mybb Mybb 1.4.5
Mybb Mybb 1.4.3
Mybb Mybb 1.5.2
Mybb Mybb 1.2.14
Mybb Mybb 1.2.7
Mybb Mybb 1.2.5
Mybb Mybb 1.2.0
Mybb Mybb 1.1.7
Mybb Mybb 1.1.5
Mybb Mybb 1.1.0
Mybb Mybb 1.03
Mybb Mybb 1.0
Mybb Mybb 1.6.3
Mybb Mybb 1.6.2
Mybb Mybb 1.6.1
Mybb Mybb 1.4.16
Mybb Mybb 1.4.2
Mybb Mybb 1.4.1
NA
CVE-2012-2326
Cross-site scripting (XSS) vulnerability in the Admin Control Panel (ACP) in MyBB (aka MyBulletinBoard) prior to 1.6.7 allows remote administrators to inject arbitrary web script or HTML via a malformed file name in an orphaned attachment.
Mybb Mybb 1.6.3
Mybb Mybb 1.6.1
Mybb Mybb 1.4.10
Mybb Mybb 1.4.8
Mybb Mybb 1.4.1
Mybb Mybb 1.5.1
Mybb Mybb 1.2.12
Mybb Mybb 1.2.10
Mybb Mybb 1.2.3
Mybb Mybb 1.2.1
Mybb Mybb 1.1.3
Mybb Mybb 1.1.1
Mybb Mybb 1.01
Mybb Mybb 1.0
Mybb Mybb
Mybb Mybb 1.6.5
Mybb Mybb 1.6.4
Mybb Mybb 1.4.6
Mybb Mybb 1.4.5
Mybb Mybb 1.4.4
Mybb Mybb 1.4.3
Mybb Mybb 1.2.8
NA
CVE-2012-2324
Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) prior to 1.6.7 allow remote administrators to execute arbitrary SQL commands via unspecified vectors in the (1) user search or (2) Mail Log in the Admin Control Panel (ACP).
Mybb Mybb 1.4.15
Mybb Mybb 1.4.14
Mybb Mybb 1.4.13
Mybb Mybb 1.4.12
Mybb Mybb 1.5.1
Mybb Mybb 1.5.2
Mybb Mybb 1.3
Mybb Mybb 1.2.14
Mybb Mybb 1.2.0
Mybb Mybb 1.1.8
Mybb Mybb 1.1.7
Mybb Mybb 1.1.6
Mybb Mybb 1.0
Mybb Mybb 1.6.4
Mybb Mybb 1.6.2
Mybb Mybb 1.4.16
Mybb Mybb 1.4.11
Mybb Mybb 1.4.9
Mybb Mybb 1.4.2
Mybb Mybb 1.4.0
Mybb Mybb
Mybb Mybb 1.6.5
NA
CVE-2010-5096
Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) prior to 1.6.1 allow remote malicious users to execute arbitrary SQL commands via the keywords parameter in a (1) do_search action to search.php or (2) do_stuff action to private.php. NOTE: the vendor disputes t...
Mybb Mybb 1.2.10
Mybb Mybb 1.4.11
Mybb Mybb 1.2.8
Mybb Mybb 1.4.3
Mybb Mybb 1.4.12
Mybb Mybb 1.0
Mybb Mybb 1.04
Mybb Mybb 1.1.1
Mybb Mybb 1.4.5
Mybb Mybb 1.1.3
Mybb Mybb 1.2.2
Mybb Mybb 1.4.14
Mybb Mybb 1.2.9
Mybb Mybb 1.4.8
Mybb Mybb 1.4.15
Mybb Mybb 1.2.1
Mybb Mybb 1.01
Mybb Mybb 1.1.6
Mybb Mybb 1.2.6
Mybb Mybb 1.4.0
Mybb Mybb 1.2.0
Mybb Mybb 1.4.1
2 EDB exploits
NA
CVE-2013-7288
Cross-site scripting (XSS) vulnerability in the mycode_parse_video function in inc/class_parser.php in MyBB (aka MyBulletinBoard) prior to 1.6.12 allows remote malicious users to inject arbitrary web script or HTML via vectors related to Yahoo video URLs.
Mybb Mybb 1.6.6
Mybb Mybb 1.6.5
Mybb Mybb 1.6.4
Mybb Mybb 1.6.3
Mybb Mybb 1.6.2
Mybb Mybb 1.4.16
Mybb Mybb 1.4.15
Mybb Mybb 1.4.14
Mybb Mybb 1.4.13
Mybb Mybb 1.2.2
Mybb Mybb 1.2.14
Mybb Mybb 1.2.13
Mybb Mybb 1.2.12
Mybb Mybb 1.1.0
Mybb Mybb 1.04
Mybb Mybb 1.03
Mybb Mybb 1.02
Mybb Mybb 1.6.10
Mybb Mybb 1.6.7
Mybb Mybb 1.6.0
Mybb Mybb 1.5.1
Mybb Mybb 1.4.5
NA
CVE-2013-7275
Cross-site scripting (XSS) vulnerability in misc.php in MyBB (aka MyBulletinBoard) prior to 1.6.12 allows remote malicious users to inject arbitrary web script or HTML via the editor parameter in a smilie list popup.
Mybb Mybb 1.6.8
Mybb Mybb 1.4.9
Mybb Mybb 1.4.8
Mybb Mybb 1.4.7
Mybb Mybb 1.4.6
Mybb Mybb 1.3
Mybb Mybb 1.2.9
Mybb Mybb 1.2.8
Mybb Mybb 1.2.7
Mybb Mybb 1.2
Mybb Mybb 1.1.8
Mybb Mybb 1.1.7
Mybb Mybb 1.1.6
Mybb Mybb 1.0
Mybb Mybb 1.6.6
Mybb Mybb 1.6.5
Mybb Mybb 1.6.4
Mybb Mybb 1.6.3
Mybb Mybb 1.6.2
Mybb Mybb 1.4.16
Mybb Mybb 1.4.15
Mybb Mybb 1.4.14
5.4
CVSSv3
CVE-2018-14724
In the Ban List plugin 1.0 for MyBB, any forum user with mod privileges can ban users and input an XSS payload into the ban reason, which is executed on the bans.php page.
Mybb Ban List 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »