Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mybb mybb vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2016-9421
Cross-site scripting (XSS) vulnerability in the Users module in the Admin control panel in MyBB (aka MyBulletinBoard) prior to 1.8.8 and MyBB Merge System prior to 1.8.8 might allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Mybb Merge System
Mybb Mybb
5.4
CVSSv3
CVE-2021-27279
MyBB prior to 1.8.25 allows stored XSS via nested [email] tags with MyCode (aka BBCode).
Mybb Mybb
NA
CVE-2008-0383
Multiple SQL injection vulnerabilities in MyBB 1.2.10 and previous versions allow remote moderators and administrators to execute arbitrary SQL commands via (1) the mergepost parameter in a do_mergeposts action, (2) rid parameter in an allreports action, or (3) threads parameter ...
Mybb Mybb
1 EDB exploit
6.1
CVSSv3
CVE-2021-27889
Cross-site Scripting (XSS) vulnerability in MyBB prior to 1.8.26 via Nested Auto URL when parsing messages.
Mybb Mybb
1 Github repository
8.8
CVSSv3
CVE-2021-27946
SQL Injection vulnerability in MyBB prior to 1.8.26 via poll vote count. (issue 1 of 3).
Mybb Mybb
5.4
CVSSv3
CVE-2017-16781
The installer in MyBB prior to 1.8.13 has XSS.
Mybb Mybb
1 EDB exploit
7.2
CVSSv3
CVE-2022-39265
MyBB is a free and open source forum software. The _Mail Settings_ ? Additional Parameters for PHP's mail() function mail_parameters setting value, in connection with the configured mail program's options and behavior, may allow access to sensitive information and Remot...
Mybb Mybb
4.3
CVSSv3
CVE-2018-1000503
MyBB Group MyBB contains a Incorrect Access Control vulnerability in Private forums that can result in Users can view posts from private forums without having the password. This attack appear to be exploitable via Subscribe to a forum through IDOR. This vulnerability appears to h...
Mybb Mybb
9.8
CVSSv3
CVE-2020-22612
Installer RCE on settings file write in MyBB prior to 1.8.22.
Mybb Mybb
7.2
CVSSv3
CVE-2019-12831
In MyBB prior to 1.8.21, an attacker can abuse a default behavior of MySQL on many systems (that leads to truncation of strings that are too long for a database column) to create a PHP shell in the cache directory of a targeted forum via a crafted XML import, as demonstrated by t...
Mybb Mybb
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »