Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mybb mybb 1.0 vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2021-39338
The MyBB Cross-Poster WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/classes/MyBBXPSettings.php file which allowed attackers with administrative user access to inject arbitr...
Mybb Cross-poster Project Mybb Cross-poster
4.3
CVSSv2
CVE-2006-2070
Cross-site scripting (XSS) vulnerability in member.php in DevBB 1.0.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the member parameter in a viewpro action.
Mybb Devbb 1.0.0
1 EDB exploit
4.3
CVSSv2
CVE-2006-0470
Cross-site scripting (XSS) vulnerability in search.php in MyBulletinBoard (MyBB) 1.02 allows remote malicious users to inject arbitrary web script or HTML via the (1) sortby and (2) sortordr parameters, which are not properly handled in a redirection.
Mybulletinboard Mybulletinboard 1.0 Final
Mybulletinboard Mybulletinboard 1.0 Rc4
Mybulletinboard Mybulletinboard 1.0 Pr2
Mybulletinboard Mybulletinboard 1.0.1
Mybulletinboard Mybulletinboard 1.0.2
Mybulletinboard Mybulletinboard 1.0 Rc2
Mybulletinboard Mybulletinboard 1.0 Preview Release 2
1 EDB exploit
7.5
CVSSv2
CVE-2006-1974
SQL injection vulnerability in index.php in MyBB (MyBulletinBoard) prior to 1.04 allows remote malicious users to execute arbitrary SQL commands via the referrer parameter.
Mybulletinboard Mybulletinboard 1.0 Final
Mybulletinboard Mybulletinboard 1.0 Rc4
Mybulletinboard Mybulletinboard 1.0.3
Mybulletinboard Mybulletinboard 1.0 Pr2
Mybulletinboard Mybulletinboard 1.0.1
Mybulletinboard Mybulletinboard 1.0.2
Mybulletinboard Mybulletinboard 1.0 Rc2
Mybulletinboard Mybulletinboard 1.0 Preview Release 2
1 EDB exploit
7.5
CVSSv2
CVE-2008-0382
Multiple eval injection vulnerabilities in MyBB 1.2.10 and previous versions allow remote malicious users to execute arbitrary code via the sortby parameter to (1) forumdisplay.php or (2) a results action in search.php.
Mybulletinboard Mybulletinboard 1.10
Mybulletinboard Mybulletinboard 1.1.1
Mybulletinboard Mybulletinboard 1.2.3
Mybulletinboard Mybulletinboard 1.0
Mybulletinboard Mybulletinboard 1.1.8
Mybulletinboard Mybulletinboard 1.2
Mybulletinboard Mybulletinboard 1.2.5
Mybulletinboard Mybulletinboard 1.1.3
Mybulletinboard Mybulletinboard 1.2.10
Mybulletinboard Mybulletinboard 1.0.3
Mybulletinboard Mybulletinboard 1.1.5
Mybulletinboard Mybulletinboard 1.0 Pr2
Mybulletinboard Mybulletinboard 1.1
Mybulletinboard Mybulletinboard 1.1.4
Mybulletinboard Mybulletinboard 1.0.1
Mybulletinboard Mybulletinboard 1.0.4
Mybulletinboard Mybulletinboard 1.1.2
Mybulletinboard Mybulletinboard 1.0.2
Mybulletinboard Mybulletinboard 1.1.7
2 EDB exploits
7.5
CVSSv2
CVE-2005-3326
SQL injection vulnerability in usercp.php in MyBulletinBoard (MyBB) allows remote malicious users to execute arbitrary SQL commands via the awayday parameter.
Mybulletinboard Mybulletinboard Rc4
Mybulletinboard Mybulletinboard 1.0 Pr2
1 EDB exploit
7.5
CVSSv2
CVE-2008-6198
SQL injection vulnerability in pages.php in Custom Pages 1.0 plugin for MyBulletinBoard (MyBB) allows remote malicious users to execute arbitrary SQL commands via the page parameter.
Mybboard Custom Pages Plugin 1.0
1 EDB exploit
NA
CVE-2021-33371
A stored cross-site scripting (XSS) vulnerability in /nav_bar_action.php of Student Management System v1.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Chat box.
Student Management System Project Student Management System 1.0
3.5
CVSSv2
CVE-2018-11715
The Recent Threads plugin prior to 1.1 for MyBB allows XSS via a thread subject.
Recent Threads Project Recent Threads
1 EDB exploit
6.5
CVSSv2
CVE-2008-0787
SQL injection vulnerability in inc/datahandlers/pm.php in MyBB prior to 1.2.12 allows remote authenticated users to execute arbitrary SQL commands via the options[disablesmilies] parameter to private.php.
Mybulletinboard Mybulletinboard 1.10
Mybulletinboard Mybulletinboard 1.1.1
Mybulletinboard Mybulletinboard 1.2.3
Mybulletinboard Mybulletinboard 1.0
Mybulletinboard Mybulletinboard Rc3
Mybulletinboard Mybulletinboard 1.1.8
Mybulletinboard Mybulletinboard 1.2
Mybulletinboard Mybulletinboard 1.2.5
Mybulletinboard Mybulletinboard 1.1.6
Mybulletinboard Mybulletinboard 1.1.3
Mybulletinboard Mybulletinboard Rc2
Mybulletinboard Mybulletinboard Rc1
Mybulletinboard Mybulletinboard 1.2.11
Mybulletinboard Mybulletinboard 1.2.10
Mybulletinboard Mybulletinboard 1.0.3
Mybulletinboard Mybulletinboard 1.1.5
Mybulletinboard Mybulletinboard Rc4
Mybulletinboard Mybulletinboard 1.0 Pr2
Mybulletinboard Mybulletinboard 1.1
Mybulletinboard Mybulletinboard 1.1.4
Mybulletinboard Mybulletinboard 1.0.1
Mybulletinboard Mybulletinboard 1.0.4
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »