Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mybulletinboard mybulletinboard vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2006-4707
Cross-site scripting (XSS) vulnerability in admin/global.php (aka the Admin CP login form) in MyBB (aka MyBulletinBoard) 1.1.7 allows remote malicious users to inject arbitrary web script or HTML via the query string ($_SERVER[PHP_SELF]).
Mybulletinboard Mybulletinboard 1.1.7
6.4
CVSSv2
CVE-2006-2336
SQL injection vulnerability in showthread.php in MyBB (aka MyBulletinBoard) 1.1.1 allows remote malicious users to execute arbitrary SQL commands via the comma parameter.
Mybulletinboard Mybulletinboard 1.1.1
1 EDB exploit
6.8
CVSSv2
CVE-2006-1625
Cross-site scripting (XSS) vulnerability in inc/functions_post.php in MyBB (aka MyBulletinBoard) 1.10 allows remote malicious users to inject arbitrary web script or HTML via a JavaScript event in a BBCode email tag, as demonstrated using the onmousemove event.
Mybulletinboard Mybulletinboard 1.10
4.3
CVSSv2
CVE-2006-1272
Multiple cross-site scripting (XSS) vulnerabilities in member.php in MyBulletin Board (MyBB) 1.0.3 allow remote malicious users to inject arbitrary web script or HTML via the (1) aim, (2) yahoo, (3) msn, or (4) website field.
Mybulletinboard Mybulletinboard 1.0.3
7.5
CVSSv2
CVE-2005-2580
Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4 with Security Patch allow remote malicious users to execute arbitrary SQL commands via the Username field in (1) index.php or (2) member.php, action parameter to (3) search.php or (4) member.php, or (5) pol...
Mybulletinboard Mybulletinboard 1.00 Rc4 Security Patch
4 EDB exploits
4.3
CVSSv2
CVE-2006-0639
Cross-site scripting (XSS) vulnerability in search.php in MyBB (aka MyBulletinBoard) 1.0.2 allows remote attackers with knowledge of the table prefix to inject arbitrary web script or HTML via a URL encoded value of the keywords parameter, as demonstrated by %3Cscript%3E.
Mybulletinboard Mybulletinboard 1.0.2
6.8
CVSSv2
CVE-2006-4706
Cross-site scripting (XSS) vulnerability in inc/functions_post.php in MyBB (aka MyBulletinBoard) 1.1.7 allows remote malicious users to inject arbitrary web script or HTML via a url BBCode tag that contains a javascript URI with an SGML numeric character reference and an embedded...
Mybulletinboard Mybulletinboard 1.1.7
5
CVSSv2
CVE-2006-1065
SQL injection vulnerability in search.php in MyBulletinBoard (MyBB) 1.04 allows remote malicious users to execute arbitrary SQL commands via the forums[] parameter.
Mybulletinboard Mybulletinboard 1.04
7.5
CVSSv2
CVE-2007-1963
SQL injection vulnerability in the create_session function in class_session.php in MyBB (aka MyBulletinBoard) 1.2.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the Client-IP HTTP header, as utilized by index.php, a related issue to CV...
Mybb Mybb
Mybulletinboard Mybulletinboard
1 EDB exploit
6
CVSSv2
CVE-2007-1964
member.php in MyBB (aka MyBulletinBoard), when debug mode is available, allows remote authenticated users to change the password of any account by providing the account's registered e-mail address in a debug request for a do_lostpw action, which prints the change password ve...
Mybb Mybb 1.2.5
Mybulletinboard Mybulletinboard 1.2.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »