Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mybulletinboard mybulletinboard vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-1065
SQL injection vulnerability in search.php in MyBulletinBoard (MyBB) 1.04 allows remote malicious users to execute arbitrary SQL commands via the forums[] parameter.
Mybulletinboard Mybulletinboard 1.04
NA
CVE-2006-0639
Cross-site scripting (XSS) vulnerability in search.php in MyBB (aka MyBulletinBoard) 1.0.2 allows remote attackers with knowledge of the table prefix to inject arbitrary web script or HTML via a URL encoded value of the keywords parameter, as demonstrated by %3Cscript%3E.
Mybulletinboard Mybulletinboard 1.0.2
NA
CVE-2005-3776
Multiple cross-site scripting (XSS) vulnerabilities in MyBulletinBoard (MyBB) 1.0 PR2 Rev 686 allow remote malicious users to inject arbitrary web script or HTML via (1) the subject field when creating a new thread and (2) information passed to the Reputation system.
Mybulletinboard Mybulletinboard Preview Release 2 Rev 686
NA
CVE-2006-1272
Multiple cross-site scripting (XSS) vulnerabilities in member.php in MyBulletin Board (MyBB) 1.0.3 allow remote malicious users to inject arbitrary web script or HTML via the (1) aim, (2) yahoo, (3) msn, or (4) website field.
Mybulletinboard Mybulletinboard 1.0.3
NA
CVE-2006-1345
polls.php in MyBB (aka MyBulletinBoard) 1.10 allows remote malicious users to obtain sensitive information via a vote action with an "option[]=null" parameter value, which reveals the path in an error message.
Mybulletinboard Mybulletinboard 1.10
NA
CVE-2006-2589
SQL injection vulnerability in rss.php in MyBB (aka MyBulletinBoard) 1.1.1 allows remote malicious users to execute arbitrary SQL commands via the comma parameter. NOTE: it is not clear from the original report how this attack can succeed, since the demonstration URL uses a varia...
Mybulletinboard Mybulletinboard 1.1.1
NA
CVE-2006-3760
Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) 1.1.4 allow remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Mybulletinboard Mybulletinboard 1.1.4
NA
CVE-2006-1912
MyBB (MyBulletinBoard) 1.1.0 does not set the constant KILL_GLOBAL variable in (1) global.php and (2) inc/init.php, which allows remote malicious users to initialize arbitrary variables that are processed by an @extract command, which could then be leveraged to conduct cross-site...
Mybulletinboard Mybulletinboard 1.10
1 EDB exploit
NA
CVE-2007-1963
SQL injection vulnerability in the create_session function in class_session.php in MyBB (aka MyBulletinBoard) 1.2.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the Client-IP HTTP header, as utilized by index.php, a related issue to CV...
Mybb Mybb
Mybulletinboard Mybulletinboard
1 EDB exploit
NA
CVE-2007-1964
member.php in MyBB (aka MyBulletinBoard), when debug mode is available, allows remote authenticated users to change the password of any account by providing the account's registered e-mail address in a debug request for a do_lostpw action, which prints the change password ve...
Mybb Mybb 1.2.5
Mybulletinboard Mybulletinboard 1.2.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »