Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
0xb9 vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2018-10580
The "Latest Posts on Profile" plugin 1.1 for MyBB has XSS because there is an added section in a user profile that displays that user's most recent posts without sanitizing the tsubject (aka thread subject) field.
Latest Posts On Profile Project Latest Posts On Profile 1.1
1 EDB exploit
4.3
CVSSv2
CVE-2018-14392
The New Threads plugin prior to 1.2 for MyBB has XSS.
Mybb New Threads
1 EDB exploit
4.3
CVSSv2
CVE-2018-14888
inc/plugins/thankyoulike.php in the Eldenroot Thank You/Like plugin prior to 3.1.0 for MyBB allows XSS via a post or thread subject.
Thank You\\/like Project Thank You\\/like
1 EDB exploit
4.3
CVSSv2
CVE-2018-15596
An issue exists in inc/class_feedgeneration.php in MyBB 1.8.17. On the forum RSS Syndication page, one can generate a URL such as http://localhost/syndication.php?fid=&type=atom1.0&limit=15. The thread titles (within title elements of the generated XML documents) aren...
Mybb Mybb 1.8.17
1 EDB exploit
4.3
CVSSv2
CVE-2018-10366
An issue exists in the Users (aka Front-end user management) plugin 1.4.5 for October CMS. XSS exists in the name field.
User Project User 1.4.5
1 EDB exploit
4.3
CVSSv2
CVE-2018-11532
An issue exists in the ChangUonDyU Advanced Statistics plugin 1.0.2 for MyBB. changstats.php has XSS, as demonstrated by a subject field.
Changuondyu Advanced Statistics Project Changuondyu Advanced Statistics 1.0.2
1 EDB exploit
NA
CVE-2019-35011
MyBB OUGC Awards plugin version 1.8.3 suffers from a cross site scripting vulnerability.
NA
CVE-2021-243001
WordPress Product Slider for WooCommerce plugin version 1.13.21 suffers from a cross site scripting vulnerability.
6.8
CVSSv2
CVE-2019-16531
LayerBB prior to 1.1.4 has multiple CSRF issues, as demonstrated by changing the System Settings via admin/general.php.
Layerbb Layerbb
1 EDB exploit
1 Github repository
3.5
CVSSv2
CVE-2018-10365
An XSS issue exists in the Threads to Link plugin 1.3 for MyBB. When editing a thread, the user is given the option to convert the thread to a link. The thread link input box is not properly sanitized.
Threads To Link Project Threads To Link 1.3
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »