Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mybb mybb 1.0 vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2021-39338
The MyBB Cross-Poster WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/classes/MyBBXPSettings.php file which allowed attackers with administrative user access to inject arbitr...
Mybb Cross-poster Project Mybb Cross-poster
NA
CVE-2006-2070
Cross-site scripting (XSS) vulnerability in member.php in DevBB 1.0.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the member parameter in a viewpro action.
Mybb Devbb 1.0.0
1 EDB exploit
NA
CVE-2006-0470
Cross-site scripting (XSS) vulnerability in search.php in MyBulletinBoard (MyBB) 1.02 allows remote malicious users to inject arbitrary web script or HTML via the (1) sortby and (2) sortordr parameters, which are not properly handled in a redirection.
Mybulletinboard Mybulletinboard 1.0 Final
Mybulletinboard Mybulletinboard 1.0 Rc4
Mybulletinboard Mybulletinboard 1.0 Pr2
Mybulletinboard Mybulletinboard 1.0.1
Mybulletinboard Mybulletinboard 1.0.2
Mybulletinboard Mybulletinboard 1.0 Rc2
Mybulletinboard Mybulletinboard 1.0 Preview Release 2
1 EDB exploit
NA
CVE-2006-1974
SQL injection vulnerability in index.php in MyBB (MyBulletinBoard) prior to 1.04 allows remote malicious users to execute arbitrary SQL commands via the referrer parameter.
Mybulletinboard Mybulletinboard 1.0 Final
Mybulletinboard Mybulletinboard 1.0 Rc4
Mybulletinboard Mybulletinboard 1.0.3
Mybulletinboard Mybulletinboard 1.0 Pr2
Mybulletinboard Mybulletinboard 1.0.1
Mybulletinboard Mybulletinboard 1.0.2
Mybulletinboard Mybulletinboard 1.0 Rc2
Mybulletinboard Mybulletinboard 1.0 Preview Release 2
1 EDB exploit
NA
CVE-2008-0382
Multiple eval injection vulnerabilities in MyBB 1.2.10 and previous versions allow remote malicious users to execute arbitrary code via the sortby parameter to (1) forumdisplay.php or (2) a results action in search.php.
Mybulletinboard Mybulletinboard 1.10
Mybulletinboard Mybulletinboard 1.1.1
Mybulletinboard Mybulletinboard 1.2.3
Mybulletinboard Mybulletinboard 1.0
Mybulletinboard Mybulletinboard 1.1.8
Mybulletinboard Mybulletinboard 1.2
Mybulletinboard Mybulletinboard 1.2.5
Mybulletinboard Mybulletinboard 1.1.3
Mybulletinboard Mybulletinboard 1.2.10
Mybulletinboard Mybulletinboard 1.0.3
Mybulletinboard Mybulletinboard 1.1.5
Mybulletinboard Mybulletinboard 1.0 Pr2
Mybulletinboard Mybulletinboard 1.1
Mybulletinboard Mybulletinboard 1.1.4
Mybulletinboard Mybulletinboard 1.0.1
Mybulletinboard Mybulletinboard 1.0.4
Mybulletinboard Mybulletinboard 1.1.2
Mybulletinboard Mybulletinboard 1.0.2
Mybulletinboard Mybulletinboard 1.1.7
2 EDB exploits
NA
CVE-2005-3326
SQL injection vulnerability in usercp.php in MyBulletinBoard (MyBB) allows remote malicious users to execute arbitrary SQL commands via the awayday parameter.
Mybulletinboard Mybulletinboard Rc4
Mybulletinboard Mybulletinboard 1.0 Pr2
1 EDB exploit
NA
CVE-2008-6198
SQL injection vulnerability in pages.php in Custom Pages 1.0 plugin for MyBulletinBoard (MyBB) allows remote malicious users to execute arbitrary SQL commands via the page parameter.
Mybboard Custom Pages Plugin 1.0
1 EDB exploit
5.4
CVSSv3
CVE-2021-33371
A stored cross-site scripting (XSS) vulnerability in /nav_bar_action.php of Student Management System v1.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Chat box.
Student Management System Project Student Management System 1.0
5.4
CVSSv3
CVE-2018-11715
The Recent Threads plugin prior to 1.1 for MyBB allows XSS via a thread subject.
Recent Threads Project Recent Threads
1 EDB exploit
NA
CVE-2008-0787
SQL injection vulnerability in inc/datahandlers/pm.php in MyBB prior to 1.2.12 allows remote authenticated users to execute arbitrary SQL commands via the options[disablesmilies] parameter to private.php.
Mybulletinboard Mybulletinboard 1.10
Mybulletinboard Mybulletinboard 1.1.1
Mybulletinboard Mybulletinboard 1.2.3
Mybulletinboard Mybulletinboard 1.0
Mybulletinboard Mybulletinboard Rc3
Mybulletinboard Mybulletinboard 1.1.8
Mybulletinboard Mybulletinboard 1.2
Mybulletinboard Mybulletinboard 1.2.5
Mybulletinboard Mybulletinboard 1.1.6
Mybulletinboard Mybulletinboard 1.1.3
Mybulletinboard Mybulletinboard Rc2
Mybulletinboard Mybulletinboard Rc1
Mybulletinboard Mybulletinboard 1.2.11
Mybulletinboard Mybulletinboard 1.2.10
Mybulletinboard Mybulletinboard 1.0.3
Mybulletinboard Mybulletinboard 1.1.5
Mybulletinboard Mybulletinboard Rc4
Mybulletinboard Mybulletinboard 1.0 Pr2
Mybulletinboard Mybulletinboard 1.1
Mybulletinboard Mybulletinboard 1.1.4
Mybulletinboard Mybulletinboard 1.0.1
Mybulletinboard Mybulletinboard 1.0.4
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »