Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mybulletinboard mybulletinboard vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-0494
Directory traversal vulnerability in MyBB (aka MyBulletinBoard) 1.02 allows local users with MyBB administrative privileges to include and possibly execute arbitrary local files via directory traversal sequences and a nul (%00) character in the plugin parameter.
Mybulletinboard Mybulletinboard 1.0.2
NA
CVE-2006-0639
Cross-site scripting (XSS) vulnerability in search.php in MyBB (aka MyBulletinBoard) 1.0.2 allows remote attackers with knowledge of the table prefix to inject arbitrary web script or HTML via a URL encoded value of the keywords parameter, as demonstrated by %3Cscript%3E.
Mybulletinboard Mybulletinboard 1.0.2
NA
CVE-2006-2949
Cross-site scripting (XSS) vulnerability in private.php in MyBB 1.1.2 allows remote malicious users to inject arbitrary web script or HTML via the do parameter.
Mybulletinboard Mybulletinboard 1.1.2
NA
CVE-2006-1911
Cross-site scripting (XSS) vulnerability in MyBB (MyBulletinBoard) 1.1 allows remote malicious users to inject arbitrary web script or HTML via the attachment content disposition in an HTML attachment.
Mybulletinboard Mybulletinboard 1.1
NA
CVE-2006-1912
MyBB (MyBulletinBoard) 1.1.0 does not set the constant KILL_GLOBAL variable in (1) global.php and (2) inc/init.php, which allows remote malicious users to initialize arbitrary variables that are processed by an @extract command, which could then be leveraged to conduct cross-site...
Mybulletinboard Mybulletinboard 1.10
1 EDB exploit
NA
CVE-2005-3777
MyBulletinBoard (MyBB) 1.0 PR2 Rev 686 allows remote malicious users to delete or move private messages (PM) via modified fields in the inbox form.
Mybulletinboard Mybulletinboard Preview Release 2 Rev 686
NA
CVE-2006-2333
Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) 1.1.1 allow remote malicious users to execute arbitrary SQL commands via the e-mail address when registering for a forum that requires e-mail verification, which is not properly handled in (1) usercp.php and (2)...
Mybulletinboard Mybulletinboard 1.1.1
NA
CVE-2006-2103
SQL injection vulnerability in MyBB (MyBulletinBoard) 1.1.1 allows remote authenticated administrators to execute arbitrary SQL commands via the (1) query string ($querystring variable) in (a) admin/adminlogs.php, which is not properly handled by adminfunctions.php; or (2) setid,...
Mybulletinboard Mybulletinboard 1.1.1
NA
CVE-2006-2336
SQL injection vulnerability in showthread.php in MyBB (aka MyBulletinBoard) 1.1.1 allows remote malicious users to execute arbitrary SQL commands via the comma parameter.
Mybulletinboard Mybulletinboard 1.1.1
1 EDB exploit
NA
CVE-2006-2589
SQL injection vulnerability in rss.php in MyBB (aka MyBulletinBoard) 1.1.1 allows remote malicious users to execute arbitrary SQL commands via the comma parameter. NOTE: it is not clear from the original report how this attack can succeed, since the demonstration URL uses a varia...
Mybulletinboard Mybulletinboard 1.1.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »