Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mybulletinboard mybulletinboard 1.1.5 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-3775
SQL injection vulnerability in the init function in class_session.php in MyBB (aka MyBulletinBoard) 1.1.5 allows remote malicious users to execute arbitrary SQL commands via the CLIENT-IP HTTP header ($_SERVER['HTTP_CLIENT_IP'] variable), as utilized by index.php.
Mybulletinboard Mybulletinboard 1.1.5
1 EDB exploit
7.5
CVSSv2
CVE-2008-0382
Multiple eval injection vulnerabilities in MyBB 1.2.10 and previous versions allow remote malicious users to execute arbitrary code via the sortby parameter to (1) forumdisplay.php or (2) a results action in search.php.
Mybulletinboard Mybulletinboard 1.10
Mybulletinboard Mybulletinboard 1.1.1
Mybulletinboard Mybulletinboard 1.2.3
Mybulletinboard Mybulletinboard 1.0
Mybulletinboard Mybulletinboard 1.1.8
Mybulletinboard Mybulletinboard 1.2
Mybulletinboard Mybulletinboard 1.2.5
Mybulletinboard Mybulletinboard 1.1.3
Mybulletinboard Mybulletinboard 1.2.10
Mybulletinboard Mybulletinboard 1.0.3
Mybulletinboard Mybulletinboard 1.1.5
Mybulletinboard Mybulletinboard 1.0 Pr2
Mybulletinboard Mybulletinboard 1.1
Mybulletinboard Mybulletinboard 1.1.4
Mybulletinboard Mybulletinboard 1.0.1
Mybulletinboard Mybulletinboard 1.0.4
Mybulletinboard Mybulletinboard 1.1.2
Mybulletinboard Mybulletinboard 1.0.2
Mybulletinboard Mybulletinboard 1.1.7
2 EDB exploits
5
CVSSv2
CVE-2006-4971
MyBB (aka MyBulletinBoard) allows remote malicious users to obtain sensitive information via a direct request for inc/plugins/hello.php, which reveals the path in an error message.
Mybulletinboard Mybulletinboard 1.10
Mybulletinboard Mybulletinboard 1.14
Mybulletinboard Mybulletinboard 1.0 Final
Mybulletinboard Mybulletinboard 1.1.1
Mybulletinboard Mybulletinboard 1.1.3
Mybulletinboard Mybulletinboard 1.20
Mybulletinboard Mybulletinboard 1.0.3
Mybulletinboard Mybulletinboard 1.1.5
Mybulletinboard Mybulletinboard 1.1
Mybulletinboard Mybulletinboard 1.1.4
Mybulletinboard Mybulletinboard 1.0.1
Mybulletinboard Mybulletinboard 1.0.4
Mybulletinboard Mybulletinboard 1.1.2
Mybulletinboard Mybulletinboard 1.0.2
Mybulletinboard Mybulletinboard 1.0 Rc2
Mybulletinboard Mybulletinboard 1.1.7
Mybulletinboard Mybulletinboard 1.0 Preview Release 2
5.1
CVSSv2
CVE-2006-4972
Cross-site scripting (XSS) vulnerability in archive/index.php/forum-4.html in MyBB (aka MyBulletinBoard) allows remote malicious users to inject arbitrary web script or HTML via the navbits[][name] parameter.
Mybulletinboard Mybulletinboard 1.10
Mybulletinboard Mybulletinboard 1.14
Mybulletinboard Mybulletinboard 1.0 Final
Mybulletinboard Mybulletinboard 1.1.1
Mybulletinboard Mybulletinboard 1.1.3
Mybulletinboard Mybulletinboard 1.20
Mybulletinboard Mybulletinboard 1.0.3
Mybulletinboard Mybulletinboard 1.1.5
Mybulletinboard Mybulletinboard 1.1
Mybulletinboard Mybulletinboard 1.1.4
Mybulletinboard Mybulletinboard 1.0.1
Mybulletinboard Mybulletinboard 1.0.4
Mybulletinboard Mybulletinboard 1.1.2
Mybulletinboard Mybulletinboard 1.0.2
Mybulletinboard Mybulletinboard 1.0 Rc2
Mybulletinboard Mybulletinboard 1.1.7
Mybulletinboard Mybulletinboard 1.0 Preview Release 2
7.5
CVSSv2
CVE-2009-2230
SQL injection vulnerability in inc/datahandlers/user.php in MyBB (aka MyBulletinBoard) prior to 1.4.7 allows remote authenticated users to execute arbitrary SQL commands via the birthdayprivacy parameter.
Mybulletinboard Mybulletinboard 1.4.3
Mybulletinboard Mybulletinboard 1.2.3
Mybulletinboard Mybulletinboard 1.0
Mybulletinboard Mybulletinboard 1.4.5
Mybulletinboard Mybulletinboard 1.1.8
Mybulletinboard Mybulletinboard 1.2
Mybulletinboard Mybulletinboard
Mybulletinboard Mybulletinboard 1.2.5
Mybulletinboard Mybulletinboard 1.1.6
Mybulletinboard Mybulletinboard 1.1.3
Mybulletinboard Mybulletinboard 1.2.11
Mybulletinboard Mybulletinboard 1.2.10
Mybulletinboard Mybulletinboard 1.4.2
Mybulletinboard Mybulletinboard 1.0.3
Mybulletinboard Mybulletinboard 1.1.5
Mybulletinboard Mybulletinboard 1.1
Mybulletinboard Mybulletinboard 1.1.4
Mybulletinboard Mybulletinboard 1.0.1
Mybulletinboard Mybulletinboard 1.0.4
Mybulletinboard Mybulletinboard 1.1.2
Mybulletinboard Mybulletinboard 1.0.2
Mybulletinboard Mybulletinboard 1.1.7
1 EDB exploit
6.5
CVSSv2
CVE-2008-0787
SQL injection vulnerability in inc/datahandlers/pm.php in MyBB prior to 1.2.12 allows remote authenticated users to execute arbitrary SQL commands via the options[disablesmilies] parameter to private.php.
Mybulletinboard Mybulletinboard 1.10
Mybulletinboard Mybulletinboard 1.1.1
Mybulletinboard Mybulletinboard 1.2.3
Mybulletinboard Mybulletinboard 1.0
Mybulletinboard Mybulletinboard Rc3
Mybulletinboard Mybulletinboard 1.1.8
Mybulletinboard Mybulletinboard 1.2
Mybulletinboard Mybulletinboard 1.2.5
Mybulletinboard Mybulletinboard 1.1.6
Mybulletinboard Mybulletinboard 1.1.3
Mybulletinboard Mybulletinboard Rc2
Mybulletinboard Mybulletinboard Rc1
Mybulletinboard Mybulletinboard 1.2.11
Mybulletinboard Mybulletinboard 1.2.10
Mybulletinboard Mybulletinboard 1.0.3
Mybulletinboard Mybulletinboard 1.1.5
Mybulletinboard Mybulletinboard Rc4
Mybulletinboard Mybulletinboard 1.0 Pr2
Mybulletinboard Mybulletinboard 1.1
Mybulletinboard Mybulletinboard 1.1.4
Mybulletinboard Mybulletinboard 1.0.1
Mybulletinboard Mybulletinboard 1.0.4
1 EDB exploit
5
CVSSv2
CVE-2006-3954
Directory traversal vulnerability in usercp.php in MyBB (aka MyBulletinBoard) 1.x allows remote malicious users to read arbitrary files via a .. (dot dot) in the gallery parameter in a (1) avatar or (2) do_avatar action.
Mybulletinboard Mybulletinboard 1.10
Mybulletinboard Mybulletinboard 1.14
Mybulletinboard Mybulletinboard 1.0 Final
Mybulletinboard Mybulletinboard 1.1.1
Mybulletinboard Mybulletinboard 1.0 Rc4
Mybulletinboard Mybulletinboard 1.00 Rc4
Mybulletinboard Mybulletinboard 1.00 Rc3
Mybulletinboard Mybulletinboard 1.1.3
Mybulletinboard Mybulletinboard 1.20
Mybulletinboard Mybulletinboard 1.0.3
Mybulletinboard Mybulletinboard 1.00 Rc4 Security Patch
Mybulletinboard Mybulletinboard 1.04
Mybulletinboard Mybulletinboard 1.01
Mybulletinboard Mybulletinboard 1.00 Rc1
Mybulletinboard Mybulletinboard 1.1.5
Mybulletinboard Mybulletinboard 1.0 Pr2
Mybulletinboard Mybulletinboard 1.00 Rc2
Mybulletinboard Mybulletinboard 1.1
Mybulletinboard Mybulletinboard 1.1.4
Mybulletinboard Mybulletinboard 1.0.1
Mybulletinboard Mybulletinboard 1.0.4
Mybulletinboard Mybulletinboard 1.1.2
4.3
CVSSv2
CVE-2006-3953
Cross-site scripting (XSS) vulnerability in usercp.php in MyBB (aka MyBulletinBoard) 1.x allows remote malicious users to inject arbitrary web script or HTML via the gallery parameter.
Mybulletinboard Mybulletinboard 1.10
Mybulletinboard Mybulletinboard 1.14
Mybulletinboard Mybulletinboard 1.0 Final
Mybulletinboard Mybulletinboard 1.1.1
Mybulletinboard Mybulletinboard 1.0 Rc4
Mybulletinboard Mybulletinboard 1.00 Rc4
Mybulletinboard Mybulletinboard 1.00 Rc3
Mybulletinboard Mybulletinboard 1.1.3
Mybulletinboard Mybulletinboard 1.20
Mybulletinboard Mybulletinboard 1.0.3
Mybulletinboard Mybulletinboard 1.00 Rc4 Security Patch
Mybulletinboard Mybulletinboard 1.04
Mybulletinboard Mybulletinboard 1.01
Mybulletinboard Mybulletinboard 1.00 Rc1
Mybulletinboard Mybulletinboard 1.1.5
Mybulletinboard Mybulletinboard 1.0 Pr2
Mybulletinboard Mybulletinboard 1.00 Rc2
Mybulletinboard Mybulletinboard 1.1
Mybulletinboard Mybulletinboard 1.1.4
Mybulletinboard Mybulletinboard 1.0.1
Mybulletinboard Mybulletinboard 1.0.4
Mybulletinboard Mybulletinboard 1.1.2
7.5
CVSSv2
CVE-2006-3420
Cross-site request forgery (CSRF) vulnerability in editpost.php in MyBulletinBoard (MyBB) prior to 1.1.5 allows remote malicious users to perform unauthorized actions as a logged in user and delete arbitrary forum posts via a bbcode IMG tag with a modified delete parameter in a d...
Mybulletinboard Mybulletinboard 1.1.1
Mybulletinboard Mybulletinboard 1.1.3
Mybulletinboard Mybulletinboard 1.1
Mybulletinboard Mybulletinboard 1.1.4
Mybulletinboard Mybulletinboard 1.1.2
NA
CVE-2011-4084
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4858. Reason: This candidate is a duplicate of CVE-2011-4858. Notes: All CVE users should reference CVE-2011-4858 instead of this candidate. All references and descriptions in this candidate have been removed...
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »