Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mybulletinboard mybulletinboard vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2006-1625
Cross-site scripting (XSS) vulnerability in inc/functions_post.php in MyBB (aka MyBulletinBoard) 1.10 allows remote malicious users to inject arbitrary web script or HTML via a JavaScript event in a BBCode email tag, as demonstrated using the onmousemove event.
Mybulletinboard Mybulletinboard 1.10
5.1
CVSSv2
CVE-2006-1716
Cross-site scripting (XSS) vulnerability in inc/functions_post.php in MyBB (aka MyBulletinBoard) 1.10 allows remote malicious users to inject arbitrary web script or HTML via a JavaScript event in a BBCode img tag. NOTE: the email vector is already covered by CVE-2006-1625, altho...
Mybulletinboard Mybulletinboard 1.10
5.1
CVSSv2
CVE-2006-1717
Cross-site scripting (XSS) vulnerability in newthread.php in MyBB (aka MyBulletinBoard) 1.10, when configured to permit new threads by unregistered users, allows remote malicious users to inject arbitrary web script or HTML via the username.
Mybulletinboard Mybulletinboard 1.10
5
CVSSv2
CVE-2006-1065
SQL injection vulnerability in search.php in MyBulletinBoard (MyBB) 1.04 allows remote malicious users to execute arbitrary SQL commands via the forums[] parameter.
Mybulletinboard Mybulletinboard 1.04
7.5
CVSSv2
CVE-2005-0282
SQL injection vulnerability in member.php in MyBulletinBoard (MyBB) allows remote malicious users to execute arbitrary SQL commands via the uid parameter.
Mybulletinboard Mybulletinboard 1.0 Rc4
5.1
CVSSv2
CVE-2006-4449
Cross-site scripting (XSS) vulnerability in attachment.php in MyBulletinBoard (MyBB) 1.1.7 and possibly other versions allows remote malicious users to inject arbitrary web script or HTML via a GIF image that contains URL-encoded Javascript, which is rendered by Internet Explorer...
Mybulletinboard Mybulletinboard 1.1.7
1 EDB exploit
6.8
CVSSv2
CVE-2006-4706
Cross-site scripting (XSS) vulnerability in inc/functions_post.php in MyBB (aka MyBulletinBoard) 1.1.7 allows remote malicious users to inject arbitrary web script or HTML via a url BBCode tag that contains a javascript URI with an SGML numeric character reference and an embedded...
Mybulletinboard Mybulletinboard 1.1.7
5
CVSSv2
CVE-2006-1345
polls.php in MyBB (aka MyBulletinBoard) 1.10 allows remote malicious users to obtain sensitive information via a vote action with an "option[]=null" parameter value, which reveals the path in an error message.
Mybulletinboard Mybulletinboard 1.10
7.5
CVSSv2
CVE-2007-1963
SQL injection vulnerability in the create_session function in class_session.php in MyBB (aka MyBulletinBoard) 1.2.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the Client-IP HTTP header, as utilized by index.php, a related issue to CV...
Mybb Mybb
Mybulletinboard Mybulletinboard
1 EDB exploit
6
CVSSv2
CVE-2007-1964
member.php in MyBB (aka MyBulletinBoard), when debug mode is available, allows remote authenticated users to change the password of any account by providing the account's registered e-mail address in a debug request for a do_lostpw action, which prints the change password ve...
Mybb Mybb 1.2.5
Mybulletinboard Mybulletinboard 1.2.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »