Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mybb mybb 1.6.3 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-5248
Cross-site scripting (XSS) vulnerability in MyBB prior to 1.6.15 allows remote malicious users to inject arbitrary web script or HTML via vectors related to video MyCode.
Mybb Mybb 1.6.5
Mybb Mybb 1.6.3
Mybb Mybb
Mybb Mybb 1.6.9
Mybb Mybb 1.6.8
Mybb Mybb 1.6.7
Mybb Mybb 1.6.12
Mybb Mybb 1.6.11
Mybb Mybb 1.6.10
Mybb Mybb 1.6.1
Mybb Mybb 1.6.13
Mybb Mybb 1.6.6
Mybb Mybb 1.6.4
Mybb Mybb 1.6.2
Mybb Mybb 1.6.0
NA
CVE-2014-1840
Cross-site scripting (XSS) vulnerability in Upload/search.php in MyBB 1.6.12 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the keywords parameter in a do_search action, which is not properly handled in a forced SQL error message.
Mybb Mybb 1.6.10
Mybb Mybb 1.6.2
Mybb Mybb 1.6.7
Mybb Mybb 1.6.9
Mybb Mybb
Mybb Mybb 1.6.0
Mybb Mybb 1.6.3
Mybb Mybb 1.6.4
Mybb Mybb 1.6.5
Mybb Mybb 1.6.6
Mybb Mybb 1.6.1
Mybb Mybb 1.6.11
Mybb Mybb 1.6.8
NA
CVE-2013-7288
Cross-site scripting (XSS) vulnerability in the mycode_parse_video function in inc/class_parser.php in MyBB (aka MyBulletinBoard) prior to 1.6.12 allows remote malicious users to inject arbitrary web script or HTML via vectors related to Yahoo video URLs.
Mybb Mybb 1.6.6
Mybb Mybb 1.6.5
Mybb Mybb 1.6.4
Mybb Mybb 1.6.3
Mybb Mybb 1.6.2
Mybb Mybb 1.4.16
Mybb Mybb 1.4.15
Mybb Mybb 1.4.14
Mybb Mybb 1.4.13
Mybb Mybb 1.2.2
Mybb Mybb 1.2.14
Mybb Mybb 1.2.13
Mybb Mybb 1.2.12
Mybb Mybb 1.1.0
Mybb Mybb 1.04
Mybb Mybb 1.03
Mybb Mybb 1.02
Mybb Mybb 1.6.10
Mybb Mybb 1.6.7
Mybb Mybb 1.6.0
Mybb Mybb 1.5.1
Mybb Mybb 1.4.5
NA
CVE-2013-7275
Cross-site scripting (XSS) vulnerability in misc.php in MyBB (aka MyBulletinBoard) prior to 1.6.12 allows remote malicious users to inject arbitrary web script or HTML via the editor parameter in a smilie list popup.
Mybb Mybb 1.6.8
Mybb Mybb 1.4.9
Mybb Mybb 1.4.8
Mybb Mybb 1.4.7
Mybb Mybb 1.4.6
Mybb Mybb 1.3
Mybb Mybb 1.2.9
Mybb Mybb 1.2.8
Mybb Mybb 1.2.7
Mybb Mybb 1.2
Mybb Mybb 1.1.8
Mybb Mybb 1.1.7
Mybb Mybb 1.1.6
Mybb Mybb 1.0
Mybb Mybb 1.6.6
Mybb Mybb 1.6.5
Mybb Mybb 1.6.4
Mybb Mybb 1.6.3
Mybb Mybb 1.6.2
Mybb Mybb 1.4.16
Mybb Mybb 1.4.15
Mybb Mybb 1.4.14
NA
CVE-2011-5131
Cross-site request forgery (CSRF) vulnerability in global.php in MyBB prior to 1.6.5 allows remote malicious users to hijack the authentication of a user for requests that change the user's language via the language parameter.
Mybb Mybb 1.4.8
Mybb Mybb 1.4.6
Mybb Mybb 1.4.16
Mybb Mybb 1.4.15
Mybb Mybb 1.3
Mybb Mybb 1.2.11
Mybb Mybb 1.2.6
Mybb Mybb 1.2.7
Mybb Mybb 1.1.7
Mybb Mybb 1.1.6
Mybb Mybb 1.1.1
Mybb Mybb
Mybb Mybb 1.6.0
Mybb Mybb 1.6.1
Mybb Mybb 1.4.10
Mybb Mybb 1.4.9
Mybb Mybb 1.4.13
Mybb Mybb 1.4.12
Mybb Mybb 1.2.12
Mybb Mybb 1.2.10
Mybb Mybb 1.2.13
Mybb Mybb 1.2.2
NA
CVE-2011-5132
Cross-site scripting (XSS) vulnerability in MyBB prior to 1.6.5 allows remote malicious users to inject arbitrary web script or HTML via vectors related to "usernames via AJAX."
Mybb Mybb 1.6.1
Mybb Mybb 1.6.2
Mybb Mybb 1.4.9
Mybb Mybb 1.4.11
Mybb Mybb 1.4.12
Mybb Mybb 1.4.7
Mybb Mybb 1.2.10
Mybb Mybb 1.2.0
Mybb Mybb 1.2.2
Mybb Mybb 1.2.1
Mybb Mybb 1.1.4
Mybb Mybb 1.6.0
Mybb Mybb 1.4.8
Mybb Mybb 1.4.6
Mybb Mybb 1.4.10
Mybb Mybb 1.4.15
Mybb Mybb 1.4.13
Mybb Mybb 1.2.11
Mybb Mybb 1.2.12
Mybb Mybb 1.2.7
Mybb Mybb 1.2.13
Mybb Mybb 1.1.6
NA
CVE-2011-5133
Unspecified vulnerability in MyBB prior to 1.6.5 has unknown impact and attack vectors, related to an "unparsed user avatar in the buddy list."
Mybb Mybb 1.6.0
Mybb Mybb 1.5.2
Mybb Mybb 1.4.8
Mybb Mybb 1.4.1
Mybb Mybb 1.4.15
Mybb Mybb 1.4.0
Mybb Mybb 1.3
Mybb Mybb 1.2.12
Mybb Mybb 1.2.9
Mybb Mybb 1.2.6
Mybb Mybb 1.2.5
Mybb Mybb 1.1.6
Mybb Mybb 1.1.1
Mybb Mybb 1.6.1
Mybb Mybb 1.6.2
Mybb Mybb 1.6.3
Mybb Mybb 1.5.1
Mybb Mybb 1.4.13
Mybb Mybb 1.4.12
Mybb Mybb 1.4.7
Mybb Mybb 1.4.5
Mybb Mybb 1.2.13
NA
CVE-2012-2325
SQL injection vulnerability in the User Inline Moderation feature in the Admin Control Panel (ACP) in MyBB (aka MyBulletinBoard) prior to 1.6.7 allows remote administrators to execute arbitrary SQL commands via unspecified vectors.
Mybb Mybb 1.4.10
Mybb Mybb 1.4.9
Mybb Mybb 1.4.8
Mybb Mybb 1.4.7
Mybb Mybb 1.2.11
Mybb Mybb 1.2.10
Mybb Mybb
Mybb Mybb 1.6.4
Mybb Mybb 1.4.13
Mybb Mybb 1.4.11
Mybb Mybb 1.4.6
Mybb Mybb 1.4.4
Mybb Mybb 1.3
Mybb Mybb 1.2.13
Mybb Mybb 1.2.6
Mybb Mybb 1.2.4
Mybb Mybb 1.1.8
Mybb Mybb 1.1.6
Mybb Mybb 1.04
Mybb Mybb 1.02
Mybb Mybb 1.0
Mybb Mybb 1.2.9
NA
CVE-2012-2326
Cross-site scripting (XSS) vulnerability in the Admin Control Panel (ACP) in MyBB (aka MyBulletinBoard) prior to 1.6.7 allows remote administrators to inject arbitrary web script or HTML via a malformed file name in an orphaned attachment.
Mybb Mybb 1.6.3
Mybb Mybb 1.6.1
Mybb Mybb 1.4.10
Mybb Mybb 1.4.8
Mybb Mybb 1.4.1
Mybb Mybb 1.5.1
Mybb Mybb 1.2.12
Mybb Mybb 1.2.10
Mybb Mybb 1.2.3
Mybb Mybb 1.2.1
Mybb Mybb 1.1.3
Mybb Mybb 1.1.1
Mybb Mybb 1.01
Mybb Mybb 1.0
Mybb Mybb
Mybb Mybb 1.6.5
Mybb Mybb 1.6.4
Mybb Mybb 1.4.6
Mybb Mybb 1.4.5
Mybb Mybb 1.4.4
Mybb Mybb 1.4.3
Mybb Mybb 1.2.8
NA
CVE-2012-2327
MyBB (aka MyBulletinBoard) prior to 1.6.7 allows remote malicious users to obtain sensitive information via a malformed forumread cookie, which reveals the installation path in an error message.
Mybb Mybb 1.6.5
Mybb Mybb 1.4.14
Mybb Mybb 1.4.12
Mybb Mybb 1.4.7
Mybb Mybb 1.4.5
Mybb Mybb 1.4.3
Mybb Mybb 1.5.2
Mybb Mybb 1.2.14
Mybb Mybb 1.2.7
Mybb Mybb 1.2.5
Mybb Mybb 1.2.0
Mybb Mybb 1.1.7
Mybb Mybb 1.1.5
Mybb Mybb 1.1.0
Mybb Mybb 1.03
Mybb Mybb 1.0
Mybb Mybb 1.6.3
Mybb Mybb 1.6.2
Mybb Mybb 1.6.1
Mybb Mybb 1.4.16
Mybb Mybb 1.4.2
Mybb Mybb 1.4.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »