Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

mybulletinboard mybulletinboard 1.01 vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2006-0219
The original distribution of MyBulletinBoard (MyBB) to update from older versions to 1.0.2 omits or includes older versions of certain critical files, which allows malicious users to conduct (1) SQL injection attacks via an attachment name that is not properly handled by inc/func...
Mybulletinboard Mybulletinboard 1.0 Preview Release 2Mybulletinboard Mybulletinboard 1.01Mybulletinboard Mybulletinboard 1.0.2Mybulletinboard Mybulletinboard 1.0 Final
NA
CVE-2006-3761
Cross-site scripting (XSS) vulnerability in inc/functions_post.php in MyBB (aka MyBulletinBoard) 1.0 RC2 up to and including 1.1.4 allows remote malicious users to inject arbitrary web script or HTML via a javascript URI with an SGML numeric character reference in the url BBCode ...
Mybulletinboard Mybulletinboard 1.0 FinalMybulletinboard Mybulletinboard 1.0 Pr2Mybulletinboard Mybulletinboard 1.00 Rc4 Security PatchMybulletinboard Mybulletinboard 1.01Mybulletinboard Mybulletinboard 1.0.3Mybulletinboard Mybulletinboard 1.0.4Mybulletinboard Mybulletinboard 1.00 Rc3Mybulletinboard Mybulletinboard 1.00 Rc4Mybulletinboard Mybulletinboard 1.1.3Mybulletinboard Mybulletinboard 1.1.4Mybulletinboard Mybulletinboard 1.0.1Mybulletinboard Mybulletinboard 1.0.2Mybulletinboard Mybulletinboard 1.00 Rc1Mybulletinboard Mybulletinboard 1.00 Rc2Mybulletinboard Mybulletinboard 1.1.1Mybulletinboard Mybulletinboard 1.1.2Mybulletinboard Mybulletinboard 1.0 Preview Release 2Mybulletinboard Mybulletinboard 1.0 Rc2Mybulletinboard Mybulletinboard 1.0 Rc4Mybulletinboard Mybulletinboard 1.04Mybulletinboard Mybulletinboard 1.1
NA
CVE-2006-3243
SQL injection vulnerability in usercp.php in MyBB (MyBulletinBoard) 1.0 up to and including 1.1.3 allows remote malicious users to execute arbitrary SQL commands via the showcodebuttons parameter.
Mybulletinboard Mybulletinboard 1.0.2Mybulletinboard Mybulletinboard 1.0.3Mybulletinboard Mybulletinboard 1.00 Rc1Mybulletinboard Mybulletinboard 1.00 Rc2Mybulletinboard Mybulletinboard 1.1.1Mybulletinboard Mybulletinboard 1.1.2Mybulletinboard Mybulletinboard 1.0 Pr2Mybulletinboard Mybulletinboard 1.0 Preview Release 2Mybulletinboard Mybulletinboard 1.00 Rc4 Security PatchMybulletinboard Mybulletinboard 1.01Mybulletinboard Mybulletinboard 1.0.4Mybulletinboard Mybulletinboard 1.0 FinalMybulletinboard Mybulletinboard 1.00 Rc3Mybulletinboard Mybulletinboard 1.00 Rc4Mybulletinboard Mybulletinboard 1.1.3Mybulletinboard Mybulletinboard 1.0.1Mybulletinboard Mybulletinboard 1.0 Rc2Mybulletinboard Mybulletinboard 1.0 Rc4Mybulletinboard Mybulletinboard 1.04Mybulletinboard Mybulletinboard 1.1
NA
CVE-2006-3954
Directory traversal vulnerability in usercp.php in MyBB (aka MyBulletinBoard) 1.x allows remote malicious users to read arbitrary files via a .. (dot dot) in the gallery parameter in a (1) avatar or (2) do_avatar action.
Mybulletinboard Mybulletinboard 1.0 Pr2Mybulletinboard Mybulletinboard 1.0 Preview Release 2Mybulletinboard Mybulletinboard 1.00 Rc4 Security PatchMybulletinboard Mybulletinboard 1.01Mybulletinboard Mybulletinboard 1.1.7Mybulletinboard Mybulletinboard 1.10Mybulletinboard Mybulletinboard 1.0.4Mybulletinboard Mybulletinboard 1.0 FinalMybulletinboard Mybulletinboard 1.00 Rc3Mybulletinboard Mybulletinboard 1.00 Rc4Mybulletinboard Mybulletinboard 1.1.3Mybulletinboard Mybulletinboard 1.1.4Mybulletinboard Mybulletinboard 1.1.5Mybulletinboard Mybulletinboard 1.0.2Mybulletinboard Mybulletinboard 1.0.3Mybulletinboard Mybulletinboard 1.00 Rc1Mybulletinboard Mybulletinboard 1.00 Rc2Mybulletinboard Mybulletinboard 1.1.1Mybulletinboard Mybulletinboard 1.1.2Mybulletinboard Mybulletinboard 1.0.1Mybulletinboard Mybulletinboard 1.0 Rc2Mybulletinboard Mybulletinboard 1.0 Rc4
NA
CVE-2006-3953
Cross-site scripting (XSS) vulnerability in usercp.php in MyBB (aka MyBulletinBoard) 1.x allows remote malicious users to inject arbitrary web script or HTML via the gallery parameter.
Mybulletinboard Mybulletinboard 1.0 Rc2Mybulletinboard Mybulletinboard 1.0 Rc4Mybulletinboard Mybulletinboard 1.04Mybulletinboard Mybulletinboard 1.1Mybulletinboard Mybulletinboard 1.10Mybulletinboard Mybulletinboard 1.14Mybulletinboard Mybulletinboard 1.20Mybulletinboard Mybulletinboard 1.0 Pr2Mybulletinboard Mybulletinboard 1.0 Preview Release 2Mybulletinboard Mybulletinboard 1.00 Rc4 Security PatchMybulletinboard Mybulletinboard 1.01Mybulletinboard Mybulletinboard 1.1.5Mybulletinboard Mybulletinboard 1.1.7Mybulletinboard Mybulletinboard 1.0.4Mybulletinboard Mybulletinboard 1.0 FinalMybulletinboard Mybulletinboard 1.00 Rc3Mybulletinboard Mybulletinboard 1.00 Rc4Mybulletinboard Mybulletinboard 1.1.3Mybulletinboard Mybulletinboard 1.1.4Mybulletinboard Mybulletinboard 1.0.1Mybulletinboard Mybulletinboard 1.0.2Mybulletinboard Mybulletinboard 1.0.3
NA
CVE-2008-3967
moderation.php in MyBB (aka MyBulletinBoard) prior to 1.4.1 does not properly check for moderator privileges, which has unknown impact and remote attack vectors.
Mybb MybbMybb Mybb 1.2.9Mybb Mybb 1.2.8Mybb Mybb 1.1.4Mybb Mybb 1.1.5Mybb Mybb 1.00Mybb Mybb 1.2Mybb Mybb 1.1.6Mybb Mybb 1.1.8Mybb Mybb 1.04Mybb Mybb 1.03Mybb Mybb 1.2.10Mybb Mybb 1.2.0Mybb Mybb 1.2.13Mybb Mybb 1.1.7Mybb Mybb 1.1.3Mybb Mybb 1.02Mybb Mybb 1.01Mybb Mybb 1.2.4Mybb Mybb 1.2.5Mybb Mybb 1.1.1Mybb Mybb 1.2.1
NA
CVE-2008-3965
SQL injection vulnerability in misc.php in MyBB (aka MyBulletinBoard) prior to 1.4.1 allows remote malicious users to execute arbitrary SQL commands via a certain editor field.
Mybb Mybb 1.2.12Mybb Mybb 1.2.10Mybb Mybb 1.2.7Mybb Mybb 1.2.13Mybb Mybb 1.1.7Mybb Mybb 1.1.3Mybb Mybb 1.02Mybb Mybb 1.2.3Mybb Mybb 1.2.4Mybb MybbMybb Mybb 1.2.11Mybb Mybb 1.2.8Mybb Mybb 1.2.6Mybb Mybb 1.1.2Mybb Mybb 1.1.0Mybb Mybb 1.2.1Mybb Mybb 1.2.2Mybb Mybb 1.2Mybb Mybb 1.2.9Mybb Mybb 1.1.4Mybb Mybb 1.1.5Mybb Mybb 1.03
NA
CVE-2010-4624
MyBB (aka MyBulletinBoard) prior to 1.4.12 allows remote authenticated users to bypass intended restrictions on the number of [img] MyCodes by editing a post after it has been created.
Mybb Mybb 1.4.6Mybb Mybb 1.4.3Mybb Mybb 1.2Mybb Mybb 1.2.9Mybb Mybb 1.2.4Mybb Mybb 1.2.5Mybb Mybb 1.1.0Mybb Mybb 1.1.3Mybb Mybb 1.4.9Mybb Mybb 1.4.8Mybb Mybb 1.2.10Mybb Mybb 1.2.0Mybb Mybb 1.2.2Mybb Mybb 1.2.3Mybb Mybb 1.1.5Mybb Mybb 1.1.2Mybb Mybb 1.04Mybb Mybb 1.03Mybb Mybb 1.4.2Mybb Mybb 1.4.0Mybb Mybb 1.2.8Mybb Mybb 1.2.6
NA
CVE-2010-4627
Cross-site request forgery (CSRF) vulnerability in usercp2.php in MyBB (aka MyBulletinBoard) prior to 1.4.12 allows remote malicious users to hijack the authentication of unspecified victims via unknown vectors.
Mybb Mybb 1.4.3Mybb Mybb 1.4.2Mybb Mybb 1.2.9Mybb Mybb 1.2.8Mybb Mybb 1.2.4Mybb Mybb 1.2.5Mybb Mybb 1.1.7Mybb Mybb 1.1.3Mybb Mybb 1.1.1Mybb MybbMybb Mybb 1.4.0Mybb Mybb 1.2.11Mybb Mybb 1.2.6Mybb Mybb 1.2.7Mybb Mybb 1.1.6Mybb Mybb 1.1.8Mybb Mybb 1.00Mybb Mybb 1.02Mybb Mybb 1.4.10Mybb Mybb 1.4.9Mybb Mybb 1.2.12Mybb Mybb 1.2.10
NA
CVE-2008-3966
Multiple cross-site scripting (XSS) vulnerabilities in MyBB (aka MyBulletinBoard) prior to 1.4.1 allow remote malicious users to inject arbitrary web script or HTML via (1) a certain referrer field in usercp2.php, (2) a certain location field in inc/functions_online.php, and cert...
Mybb Mybb 1.2.0Mybb Mybb 1.00Mybb Mybb 1.2Mybb Mybb 1.1.6Mybb Mybb 1.1.8Mybb Mybb 1.01Mybb Mybb 1.04Mybb Mybb 1.2.12Mybb Mybb 1.2.10Mybb Mybb 1.2.13Mybb Mybb 1.1.7Mybb Mybb 1.1.3Mybb Mybb 1.02Mybb Mybb 1.2.3Mybb Mybb 1.2.4Mybb Mybb 1.2.5Mybb MybbMybb Mybb 1.2.11Mybb Mybb 1.2.6Mybb Mybb 1.2.7Mybb Mybb 1.1.2Mybb Mybb 1.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firmwareCVE-2023-52866CVE-2024-4367CVE-2024-1721CVE-2023-34992XML injectionCVE-2023-52817SQLCVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook