Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
minibb minibb vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2018-6506
Cross-Site Scripting (XSS) exists in the Add Forum feature in the Administrative Panel in miniBB 3.2.2 via crafted use of an onload attribute of an SVG element in the supertitle field.
Minibb Minibb 3.2.2
4.3
CVSSv2
CVE-2008-2066
Cross-site scripting (XSS) vulnerability in bb_admin.php in miniBB 2.2a allows remote malicious users to inject arbitrary web script or HTML via the whatus parameter in a searchusers2 action. NOTE: it was later reported that other versions prior to 3.0.1 are also vulnerable.
Minibb Minibb 2.2a
7.5
CVSSv2
CVE-2008-2067
SQL injection vulnerability in bb_admin.php in miniBB 2.2a allows remote malicious users to execute arbitrary SQL commands via the whatus parameter in a searchusers2 action. NOTE: it was later reported that other versions prior to 3.0.1 are also vulnerable.
Minibb Minibb 2.2a
7.8
CVSSv2
CVE-2007-3272
Directory traversal vulnerability in index.php in MiniBB 2.0.5 allows remote malicious users to read arbitrary files via a .. (dot dot) in the language parameter in a register action.
Minibb Minibb 2.0.5
1 EDB exploit
7.5
CVSSv2
CVE-2007-2317
Multiple PHP remote file inclusion vulnerabilities in MiniBB Forum 1.5a and previous versions, as used by TOSMO/Mambo 4.0.12 and probably other products, allow remote malicious users to execute arbitrary PHP code via a URL in the absolute_path parameter to bb_plugins.php in (1) c...
Minibb Minibb
Tosmo Mambo Tosmo Mambo
1 EDB exploit
10
CVSSv2
CVE-2006-7153
PHP remote file inclusion vulnerability in index.php in MiniBB Forum 2 allows remote malicious users to execute arbitrary code via a URL in the pathToFiles parameter.
Minibb Forum 2
10
CVSSv2
CVE-2006-7156
PHP remote file inclusion vulnerability in addon_keywords.php in Keyword Replacer (keyword_replacer) 1.0 and previous versions, a module for miniBB, allows remote malicious users to execute arbitrary PHP code via a URL in the pathToFiles parameter.
Minibb Keyword Replacer
1 EDB exploit
7.5
CVSSv2
CVE-2006-3690
Multiple PHP remote file inclusion vulnerabilities in MiniBB Forum 1.5a and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the absolute_path parameter to (1) components/com_minibb.php or (2) components/minibb/index.php.
Minibb Forum 1.5a
1 EDB exploit
7.5
CVSSv2
CVE-2006-3771
Multiple PHP remote file inclusion vulnerabilities in component.php in iManage CMS 4.0.12 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the absolute_path parameter to (1) articles.php, (2) contact.php, (3) displaypage.php, (4) faq.p...
Imaginex-resource Imanage Cms
1 EDB exploit
9.3
CVSSv2
CVE-2008-5171
Multiple directory traversal vulnerabilities in admin/minibb/index.php in phpBLASTER CMS 1.0 RC1, when register_globals is enabled, allow remote malicious users to include and execute arbitrary local files via directory traversal sequences in the (1) DB, (2) lang, and (3) skin pa...
Phpblaster Phpblaster Cms 1.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »