Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mybulletinboard mybulletinboard vulnerabilities and exploits
(subscribe to this query)
570
VMScore
CVE-2006-2333
Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) 1.1.1 allow remote malicious users to execute arbitrary SQL commands via the e-mail address when registering for a forum that requires e-mail verification, which is not properly handled in (1) usercp.php and (2)...
Mybulletinboard Mybulletinboard 1.1.1
383
VMScore
CVE-2006-1911
Cross-site scripting (XSS) vulnerability in MyBB (MyBulletinBoard) 1.1 allows remote malicious users to inject arbitrary web script or HTML via the attachment content disposition in an HTML attachment.
Mybulletinboard Mybulletinboard 1.1
645
VMScore
CVE-2006-2336
SQL injection vulnerability in showthread.php in MyBB (aka MyBulletinBoard) 1.1.1 allows remote malicious users to execute arbitrary SQL commands via the comma parameter.
Mybulletinboard Mybulletinboard 1.1.1
1 EDB exploit
445
VMScore
CVE-2006-0406
search.php in MyBB 1.0.2 allows remote malicious users to obtain sensitive information via a certain search request that reveals the table prefix in a SQL error message, possibly due to invalid parameters.
Mybulletinboard Mybulletinboard 1.0.2
383
VMScore
CVE-2006-0494
Directory traversal vulnerability in MyBB (aka MyBulletinBoard) 1.02 allows local users with MyBB administrative privileges to include and possibly execute arbitrary local files via directory traversal sequences and a nul (%00) character in the plugin parameter.
Mybulletinboard Mybulletinboard 1.0.2
578
VMScore
CVE-2006-0638
SQL injection vulnerability in moderation.php in MyBB (aka MyBulletinBoard) 1.0.3 allows remote authenticated users, with certain privileges for moderating and merging posts, to execute arbitrary SQL commands via the posts parameter.
Mybulletinboard Mybulletinboard 1.0.3
668
VMScore
CVE-2006-3758
inc/init.php in Archive Mode (Light) in MyBB (aka MyBulletinBoard) 1.1.4 calls the extract function with EXTR_OVERWRITE on HTTP POST and GET variables, which allows remote malicious users to overwrite arbitrary variables, as demonstrated via an SQL injection using the _SERVER[HTT...
Mybulletinboard Mybulletinboard 1.1.4
515
VMScore
CVE-2006-4449
Cross-site scripting (XSS) vulnerability in attachment.php in MyBulletinBoard (MyBB) 1.1.7 and possibly other versions allows remote malicious users to inject arbitrary web script or HTML via a GIF image that contains URL-encoded Javascript, which is rendered by Internet Explorer...
Mybulletinboard Mybulletinboard 1.1.7
1 EDB exploit
605
VMScore
CVE-2006-4706
Cross-site scripting (XSS) vulnerability in inc/functions_post.php in MyBB (aka MyBulletinBoard) 1.1.7 allows remote malicious users to inject arbitrary web script or HTML via a url BBCode tag that contains a javascript URI with an SGML numeric character reference and an embedded...
Mybulletinboard Mybulletinboard 1.1.7
605
VMScore
CVE-2006-4707
Cross-site scripting (XSS) vulnerability in admin/global.php (aka the Admin CP login form) in MyBB (aka MyBulletinBoard) 1.1.7 allows remote malicious users to inject arbitrary web script or HTML via the query string ($_SERVER[PHP_SELF]).
Mybulletinboard Mybulletinboard 1.1.7
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »