Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mybb vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2016-9409
Cross-site scripting (XSS) vulnerability in the Admin control panel in MyBB (aka MyBulletinBoard) prior to 1.8.7 and MyBB Merge System prior to 1.8.7 might allow remote malicious users to inject arbitrary web script or HTML via vectors involving pruning logs.
Mybb Mybb
Mybb Merge System
NA
CVE-2023-28467
In MyBB prior to 1.8.34, there is XSS in the User CP module via the user email field.
Mybb Mybb
NA
CVE-2020-22612
Installer RCE on settings file write in MyBB prior to 1.8.22.
Mybb Mybb
3.5
CVSSv2
CVE-2021-27279
MyBB prior to 1.8.25 allows stored XSS via nested [email] tags with MyCode (aka BBCode).
Mybb Mybb
4.3
CVSSv2
CVE-2016-9419
Cross-site scripting (XSS) vulnerability in the Admin control panel in MyBB (aka MyBulletinBoard) prior to 1.8.8 and MyBB Merge System prior to 1.8.8 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Mybb Mybb
3.5
CVSSv2
CVE-2021-41866
MyBB prior to 1.8.28 allows stored XSS because the displayed Template Name value in the Admin CP's theme management is not escaped properly.
Mybb Mybb
3.5
CVSSv2
CVE-2014-3826
Cross-site scripting (XSS) vulnerability in MyBB prior to 1.6.13 allows remote authenticated users to inject arbitrary web script or HTML via the name parameter in the edit action of the config-profile_fields module.
Mybb Mybb
7.5
CVSSv2
CVE-2008-3071
Directory traversal vulnerability in inc/class_language.php in MyBB prior to 1.2.13 has unknown impact and attack vectors related to the $language variable.
Mybb Mybb
4
CVSSv2
CVE-2017-7566
MyBB prior to 1.8.11 allows remote malicious users to bypass an SSRF protection mechanism.
Mybb Mybb
10
CVSSv2
CVE-2015-2786
Unspecified vulnerability in MyBB (aka MyBulletinBoard) prior to 1.8.4 has unknown attack vectors related to "Group join request notifications sent to wrong group leaders."
Mybb Mybb
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »