Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mybb mybb vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2019-3579
MyBB 1.8.19 allows remote malicious users to obtain sensitive information because it discloses the username upon receiving a password-reset request that lacks the code parameter.
Mybb Mybb 1.18.19
6.1
CVSSv3
CVE-2019-3578
MyBB 1.8.19 has XSS in the resetpassword function.
Mybb Mybb 1.18.19
6.1
CVSSv3
CVE-2018-19202
A reflected XSS vulnerability in index.php in MyBB 1.8.x up to and including 1.8.19 allows remote malicious users to inject JavaScript via the 'upsetting[bburl]' parameter.
Mybb Mybb
6.1
CVSSv3
CVE-2018-19201
A reflected XSS vulnerability in the ModCP Profile Editor in MyBB prior to 1.8.20 allows remote malicious users to inject JavaScript via the 'username' parameter.
Mybb Mybb
8.8
CVSSv3
CVE-2018-14575
Trash Bin plugin 1.1.3 for MyBB has cross-site scripting (XSS) via a thread subject and a cross-site request forgery (CSRF) via a post subject.
Mybb Trash Bin 1.1.3
1 EDB exploit
5.4
CVSSv3
CVE-2018-14724
In the Ban List plugin 1.0 for MyBB, any forum user with mod privileges can ban users and input an XSS payload into the ban reason, which is executed on the bans.php page.
Mybb Ban List 1.0
NA
CVE-2019-96501
MyBB Upcoming Events plugin version 1.32 suffers from a cross site scripting vulnerability.
6.1
CVSSv3
CVE-2019-9650
An XSS issue exists in upcoming_events.php in the Upcoming Events plugin prior to 1.33 for MyBB via a crafted name for an event.
Upcoming Events Project Upcoming Events
1 EDB exploit
NA
CVE-2018-145751
MyBB Trash Bin plugin version 1.1.3 suffers from cross site request forgery and cross site scripting vulnerabilities.
NA
CVE-2018-147241
MyBB Bans List version 1.0 suffers from a cross site scripting vulnerability.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »