Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mybb mybb vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2020-19048
Cross Site Scripting (XSS) in MyBB v1.8.20 allows remote malicious users to inject arbitrary web script or HTML via the "Title" field found in the "Add New Forum" page by doing an authenticated POST HTTP request to '/Upload/admin/index.php?module=forum-ma...
Mybb Mybb 1.8.20
5.4
CVSSv3
CVE-2020-19049
Cross Site Scripting (XSS) in MyBB v1.8.20 allows remote malicious users to inject arbitrary web script or HTML via the "Description" field found in the "Add New Forum" page by doing an authenticated POST HTTP request to '/Upload/admin/index.php?module=fo...
Mybb Mybb 1.8.20
8.8
CVSSv3
CVE-2021-27890
SQL Injection vulnerablity in MyBB prior to 1.8.26 via theme properties included in theme XML files.
Mybb Mybb
1 Github repository
8.8
CVSSv3
CVE-2021-27946
SQL Injection vulnerability in MyBB prior to 1.8.26 via poll vote count. (issue 1 of 3).
Mybb Mybb
7.2
CVSSv3
CVE-2021-27948
SQL Injection vulnerability in MyBB prior to 1.8.26 via User Groups. (issue 3 of 3).
Mybb Mybb
7.2
CVSSv3
CVE-2021-27947
SQL Injection vulnerability in MyBB prior to 1.8.26 via the Copy Forum feature in Forum Management. (issue 2 of 3).
Mybb Mybb
6.1
CVSSv3
CVE-2021-27949
Cross-site Scripting vulnerability in MyBB prior to 1.8.26 via Custom moderator tools.
Mybb Mybb
6.1
CVSSv3
CVE-2021-27889
Cross-site Scripting (XSS) vulnerability in MyBB prior to 1.8.26 via Nested Auto URL when parsing messages.
Mybb Mybb
1 Github repository
NA
CVE-2021-281151
MyBB OUGC Feedback plugin version 1.8.22 suffers from a cross site scripting vulnerability.
6.1
CVSSv3
CVE-2021-28115
The OUGC Feedback plugin prior to 1.8.23 for MyBB allows XSS via the comment field of feedback during an edit operation.
Ougc Feedback Project Ougc Feedback
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »