Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mybb mybb 1.0 vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2021-39338
The MyBB Cross-Poster WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/classes/MyBBXPSettings.php file which allowed attackers with administrative user access to inject arbitr...
Mybb Cross-poster Project Mybb Cross-poster
4.3
CVSSv2
CVE-2006-2070
Cross-site scripting (XSS) vulnerability in member.php in DevBB 1.0.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the member parameter in a viewpro action.
Mybb Devbb 1.0.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-6198
SQL injection vulnerability in pages.php in Custom Pages 1.0 plugin for MyBulletinBoard (MyBB) allows remote malicious users to execute arbitrary SQL commands via the page parameter.
Mybboard Custom Pages Plugin 1.0
1 EDB exploit
NA
CVE-2021-33371
A stored cross-site scripting (XSS) vulnerability in /nav_bar_action.php of Student Management System v1.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Chat box.
Student Management System Project Student Management System 1.0
7.5
CVSSv2
CVE-2008-0382
Multiple eval injection vulnerabilities in MyBB 1.2.10 and previous versions allow remote malicious users to execute arbitrary code via the sortby parameter to (1) forumdisplay.php or (2) a results action in search.php.
Mybulletinboard Mybulletinboard 1.0
Mybulletinboard Mybulletinboard 1.0.1
Mybulletinboard Mybulletinboard 1.1.3
Mybulletinboard Mybulletinboard 1.1.4
Mybulletinboard Mybulletinboard 1.2.3
Mybulletinboard Mybulletinboard 1.2.5
Mybulletinboard Mybulletinboard 1.0.2
Mybulletinboard Mybulletinboard 1.0.3
Mybulletinboard Mybulletinboard 1.1.5
Mybulletinboard Mybulletinboard 1.1.7
Mybulletinboard Mybulletinboard 1.0.4
Mybulletinboard Mybulletinboard 1.0 Pr2
Mybulletinboard Mybulletinboard 1.1
Mybulletinboard Mybulletinboard 1.1.8
Mybulletinboard Mybulletinboard 1.10
Mybulletinboard Mybulletinboard 1.1.1
Mybulletinboard Mybulletinboard 1.1.2
Mybulletinboard Mybulletinboard 1.2
Mybulletinboard Mybulletinboard 1.2.10
2 EDB exploits
3.5
CVSSv2
CVE-2018-11715
The Recent Threads plugin prior to 1.1 for MyBB allows XSS via a thread subject.
Recent Threads Project Recent Threads
1 EDB exploit
7.5
CVSSv2
CVE-2005-3326
SQL injection vulnerability in usercp.php in MyBulletinBoard (MyBB) allows remote malicious users to execute arbitrary SQL commands via the awayday parameter.
Mybulletinboard Mybulletinboard 1.0 Pr2
Mybulletinboard Mybulletinboard Rc4
1 EDB exploit
7.5
CVSSv2
CVE-2009-2230
SQL injection vulnerability in inc/datahandlers/user.php in MyBB (aka MyBulletinBoard) prior to 1.4.7 allows remote authenticated users to execute arbitrary SQL commands via the birthdayprivacy parameter.
Mybulletinboard Mybulletinboard 1.1
Mybulletinboard Mybulletinboard 1.1.7
Mybulletinboard Mybulletinboard 1.1.6
Mybulletinboard Mybulletinboard 1.0.3
Mybulletinboard Mybulletinboard 1.0.4
Mybulletinboard Mybulletinboard 1.2.10
Mybulletinboard Mybulletinboard 1.2.11
Mybulletinboard Mybulletinboard 1.1.2
Mybulletinboard Mybulletinboard 1.0
Mybulletinboard Mybulletinboard 1.4.5
Mybulletinboard Mybulletinboard
Mybulletinboard Mybulletinboard 1.1.3
Mybulletinboard Mybulletinboard 1.2
Mybulletinboard Mybulletinboard 1.1.5
Mybulletinboard Mybulletinboard 1.1.4
Mybulletinboard Mybulletinboard 1.4.2
Mybulletinboard Mybulletinboard 1.4.3
Mybulletinboard Mybulletinboard 1.2.3
Mybulletinboard Mybulletinboard 1.2.5
Mybulletinboard Mybulletinboard 1.1.8
Mybulletinboard Mybulletinboard 1.0.1
Mybulletinboard Mybulletinboard 1.0.2
1 EDB exploit
NA
CVE-2018-147241
MyBB Bans List version 1.0 suffers from a cross site scripting vulnerability.
7.8
CVSSv2
CVE-2011-5034
Apache Geronimo 2.2.1 and previous versions computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote malicious users to cause a denial of service (CPU consumption) by sending many crafted parameters. NOTE...
Apache Geronimo 2.1.5
Apache Geronimo 2.1.8
Apache Geronimo 1.0
Apache Geronimo 2.1.2
Apache Geronimo 2.1.6
Apache Geronimo 1.1
Apache Geronimo 2.2
Apache Geronimo 2.1.1
Apache Geronimo 1.1.1
Apache Geronimo 2.1
Apache Geronimo 2.1.3
Apache Geronimo 1.2
Apache Geronimo 2.1.4
Apache Geronimo
Apache Geronimo 2.0.1
Apache Geronimo 2.0.2
Apache Geronimo 2.1.7
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36920
buffer overflow
CVE-2024-36913
CVE-2024-5497
CVE-2024-23917
CVE-2024-4956
server-side request forgery
CVE-2024-35468
SSTI
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »