Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mybb mybb 1.1.2 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-2908
The domecode function in inc/functions_post.php in MyBulletinBoard (MyBB) 1.1.2, and possibly other versions, allows remote malicious users to execute arbitrary PHP code via the username field, which is used in a preg_replace function call with a /e (executable) modifier.
Mybulletinboard Mybulletinboard 1.1.2
1 EDB exploit
7.5
CVSSv2
CVE-2008-0382
Multiple eval injection vulnerabilities in MyBB 1.2.10 and previous versions allow remote malicious users to execute arbitrary code via the sortby parameter to (1) forumdisplay.php or (2) a results action in search.php.
Mybulletinboard Mybulletinboard 1.0
Mybulletinboard Mybulletinboard 1.0.1
Mybulletinboard Mybulletinboard 1.1.3
Mybulletinboard Mybulletinboard 1.1.4
Mybulletinboard Mybulletinboard 1.2.3
Mybulletinboard Mybulletinboard 1.2.5
Mybulletinboard Mybulletinboard 1.0.2
Mybulletinboard Mybulletinboard 1.0.3
Mybulletinboard Mybulletinboard 1.1.5
Mybulletinboard Mybulletinboard 1.1.7
Mybulletinboard Mybulletinboard 1.0.4
Mybulletinboard Mybulletinboard 1.0 Pr2
Mybulletinboard Mybulletinboard 1.1
Mybulletinboard Mybulletinboard 1.1.8
Mybulletinboard Mybulletinboard 1.10
Mybulletinboard Mybulletinboard 1.1.1
Mybulletinboard Mybulletinboard 1.1.2
Mybulletinboard Mybulletinboard 1.2
Mybulletinboard Mybulletinboard 1.2.10
2 EDB exploits
7.5
CVSSv2
CVE-2009-2230
SQL injection vulnerability in inc/datahandlers/user.php in MyBB (aka MyBulletinBoard) prior to 1.4.7 allows remote authenticated users to execute arbitrary SQL commands via the birthdayprivacy parameter.
Mybulletinboard Mybulletinboard 1.1
Mybulletinboard Mybulletinboard 1.1.7
Mybulletinboard Mybulletinboard 1.1.6
Mybulletinboard Mybulletinboard 1.0.3
Mybulletinboard Mybulletinboard 1.0.4
Mybulletinboard Mybulletinboard 1.2.10
Mybulletinboard Mybulletinboard 1.2.11
Mybulletinboard Mybulletinboard 1.1.2
Mybulletinboard Mybulletinboard 1.0
Mybulletinboard Mybulletinboard 1.4.5
Mybulletinboard Mybulletinboard
Mybulletinboard Mybulletinboard 1.1.3
Mybulletinboard Mybulletinboard 1.2
Mybulletinboard Mybulletinboard 1.1.5
Mybulletinboard Mybulletinboard 1.1.4
Mybulletinboard Mybulletinboard 1.4.2
Mybulletinboard Mybulletinboard 1.4.3
Mybulletinboard Mybulletinboard 1.2.3
Mybulletinboard Mybulletinboard 1.2.5
Mybulletinboard Mybulletinboard 1.1.8
Mybulletinboard Mybulletinboard 1.0.1
Mybulletinboard Mybulletinboard 1.0.2
1 EDB exploit
6.8
CVSSv2
CVE-2006-2949
Cross-site scripting (XSS) vulnerability in private.php in MyBB 1.1.2 allows remote malicious users to inject arbitrary web script or HTML via the do parameter.
Mybulletinboard Mybulletinboard 1.1.2
6.5
CVSSv2
CVE-2008-0787
SQL injection vulnerability in inc/datahandlers/pm.php in MyBB prior to 1.2.12 allows remote authenticated users to execute arbitrary SQL commands via the options[disablesmilies] parameter to private.php.
Mybulletinboard Mybulletinboard 1.0.2
Mybulletinboard Mybulletinboard 1.0.3
Mybulletinboard Mybulletinboard 1.1.4
Mybulletinboard Mybulletinboard 1.1.5
Mybulletinboard Mybulletinboard 1.2.11
Mybulletinboard Mybulletinboard 1.2.3
Mybulletinboard Mybulletinboard 1.0
Mybulletinboard Mybulletinboard 1.0.1
Mybulletinboard Mybulletinboard 1.1.2
Mybulletinboard Mybulletinboard 1.1.3
Mybulletinboard Mybulletinboard 1.2
Mybulletinboard Mybulletinboard 1.2.10
Mybulletinboard Mybulletinboard 1.1
Mybulletinboard Mybulletinboard 1.1.1
Mybulletinboard Mybulletinboard 1.1.8
Mybulletinboard Mybulletinboard 1.10
Mybulletinboard Mybulletinboard Rc3
Mybulletinboard Mybulletinboard Rc4
Mybulletinboard Mybulletinboard 1.0.4
Mybulletinboard Mybulletinboard 1.0 Pr2
Mybulletinboard Mybulletinboard 1.1.6
Mybulletinboard Mybulletinboard 1.1.7
1 EDB exploit
7.5
CVSSv2
CVE-2006-3420
Cross-site request forgery (CSRF) vulnerability in editpost.php in MyBulletinBoard (MyBB) prior to 1.1.5 allows remote malicious users to perform unauthorized actions as a logged in user and delete arbitrary forum posts via a bbcode IMG tag with a modified delete parameter in a d...
Mybulletinboard Mybulletinboard 1.1
Mybulletinboard Mybulletinboard 1.1.2
Mybulletinboard Mybulletinboard 1.1.3
Mybulletinboard Mybulletinboard 1.1.4
Mybulletinboard Mybulletinboard 1.1.1
5
CVSSv2
CVE-2006-4971
MyBB (aka MyBulletinBoard) allows remote malicious users to obtain sensitive information via a direct request for inc/plugins/hello.php, which reveals the path in an error message.
Mybulletinboard Mybulletinboard 1.0.4
Mybulletinboard Mybulletinboard 1.0 Final
Mybulletinboard Mybulletinboard 1.1.4
Mybulletinboard Mybulletinboard 1.1.5
Mybulletinboard Mybulletinboard 1.0.2
Mybulletinboard Mybulletinboard 1.0.3
Mybulletinboard Mybulletinboard 1.1.2
Mybulletinboard Mybulletinboard 1.1.3
Mybulletinboard Mybulletinboard 1.0.1
Mybulletinboard Mybulletinboard 1.1
Mybulletinboard Mybulletinboard 1.1.1
Mybulletinboard Mybulletinboard 1.14
Mybulletinboard Mybulletinboard 1.20
Mybulletinboard Mybulletinboard 1.0 Preview Release 2
Mybulletinboard Mybulletinboard 1.0 Rc2
Mybulletinboard Mybulletinboard 1.1.7
Mybulletinboard Mybulletinboard 1.10
5.1
CVSSv2
CVE-2006-4972
Cross-site scripting (XSS) vulnerability in archive/index.php/forum-4.html in MyBB (aka MyBulletinBoard) allows remote malicious users to inject arbitrary web script or HTML via the navbits[][name] parameter.
Mybulletinboard Mybulletinboard 1.0.1
Mybulletinboard Mybulletinboard 1.1.1
Mybulletinboard Mybulletinboard 1.1.2
Mybulletinboard Mybulletinboard 1.20
Mybulletinboard Mybulletinboard 1.0 Rc2
Mybulletinboard Mybulletinboard 1.1
Mybulletinboard Mybulletinboard 1.10
Mybulletinboard Mybulletinboard 1.14
Mybulletinboard Mybulletinboard 1.0.2
Mybulletinboard Mybulletinboard 1.0.3
Mybulletinboard Mybulletinboard 1.0.4
Mybulletinboard Mybulletinboard 1.1.3
Mybulletinboard Mybulletinboard 1.1.4
Mybulletinboard Mybulletinboard 1.0 Final
Mybulletinboard Mybulletinboard 1.0 Preview Release 2
Mybulletinboard Mybulletinboard 1.1.5
Mybulletinboard Mybulletinboard 1.1.7
7.5
CVSSv2
CVE-2006-3243
SQL injection vulnerability in usercp.php in MyBB (MyBulletinBoard) 1.0 up to and including 1.1.3 allows remote malicious users to execute arbitrary SQL commands via the showcodebuttons parameter.
Mybulletinboard Mybulletinboard 1.0.2
Mybulletinboard Mybulletinboard 1.0.3
Mybulletinboard Mybulletinboard 1.00 Rc1
Mybulletinboard Mybulletinboard 1.00 Rc2
Mybulletinboard Mybulletinboard 1.1.1
Mybulletinboard Mybulletinboard 1.1.2
Mybulletinboard Mybulletinboard 1.0 Pr2
Mybulletinboard Mybulletinboard 1.0 Preview Release 2
Mybulletinboard Mybulletinboard 1.00 Rc4 Security Patch
Mybulletinboard Mybulletinboard 1.01
Mybulletinboard Mybulletinboard 1.0.4
Mybulletinboard Mybulletinboard 1.0 Final
Mybulletinboard Mybulletinboard 1.00 Rc3
Mybulletinboard Mybulletinboard 1.00 Rc4
Mybulletinboard Mybulletinboard 1.1.3
Mybulletinboard Mybulletinboard 1.0.1
Mybulletinboard Mybulletinboard 1.0 Rc2
Mybulletinboard Mybulletinboard 1.0 Rc4
Mybulletinboard Mybulletinboard 1.04
Mybulletinboard Mybulletinboard 1.1
4.3
CVSSv2
CVE-2006-3761
Cross-site scripting (XSS) vulnerability in inc/functions_post.php in MyBB (aka MyBulletinBoard) 1.0 RC2 up to and including 1.1.4 allows remote malicious users to inject arbitrary web script or HTML via a javascript URI with an SGML numeric character reference in the url BBCode ...
Mybulletinboard Mybulletinboard 1.0 Final
Mybulletinboard Mybulletinboard 1.0 Pr2
Mybulletinboard Mybulletinboard 1.00 Rc4 Security Patch
Mybulletinboard Mybulletinboard 1.01
Mybulletinboard Mybulletinboard 1.0.3
Mybulletinboard Mybulletinboard 1.0.4
Mybulletinboard Mybulletinboard 1.00 Rc3
Mybulletinboard Mybulletinboard 1.00 Rc4
Mybulletinboard Mybulletinboard 1.1.3
Mybulletinboard Mybulletinboard 1.1.4
Mybulletinboard Mybulletinboard 1.0.1
Mybulletinboard Mybulletinboard 1.0.2
Mybulletinboard Mybulletinboard 1.00 Rc1
Mybulletinboard Mybulletinboard 1.00 Rc2
Mybulletinboard Mybulletinboard 1.1.1
Mybulletinboard Mybulletinboard 1.1.2
Mybulletinboard Mybulletinboard 1.0 Preview Release 2
Mybulletinboard Mybulletinboard 1.0 Rc2
Mybulletinboard Mybulletinboard 1.0 Rc4
Mybulletinboard Mybulletinboard 1.04
Mybulletinboard Mybulletinboard 1.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »