Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mybb mybb vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2021-41866
MyBB prior to 1.8.28 allows stored XSS because the displayed Template Name value in the Admin CP's theme management is not escaped properly.
Mybb Mybb
6.5
CVSSv2
CVE-2021-27946
SQL Injection vulnerability in MyBB prior to 1.8.26 via poll vote count. (issue 1 of 3).
Mybb Mybb
6.5
CVSSv2
CVE-2021-27947
SQL Injection vulnerability in MyBB prior to 1.8.26 via the Copy Forum feature in Forum Management. (issue 2 of 3).
Mybb Mybb
6.5
CVSSv2
CVE-2021-27948
SQL Injection vulnerability in MyBB prior to 1.8.26 via User Groups. (issue 3 of 3).
Mybb Mybb
4.3
CVSSv2
CVE-2021-27949
Cross-site Scripting vulnerability in MyBB prior to 1.8.26 via Custom moderator tools.
Mybb Mybb
3.5
CVSSv2
CVE-2019-12830
In MyBB prior to 1.8.21, an attacker can exploit a parsing flaw in the Private Message / Post renderer that leads to [video] BBCode persistent XSS to take over any forum account, aka a nested video MyCode issue.
Mybb Mybb
6.5
CVSSv2
CVE-2019-12831
In MyBB prior to 1.8.21, an attacker can abuse a default behavior of MySQL on many systems (that leads to truncation of strings that are too long for a database column) to create a PHP shell in the cache directory of a targeted forum via a crafted XML import, as demonstrated by t...
Mybb Mybb
6.5
CVSSv2
CVE-2021-43281
MyBB prior to 1.8.29 allows Remote Code Injection by an admin with the "Can manage settings?" permission. The Admin CP's Settings management module does not validate setting types correctly on insertion and update, making it possible to add settings of supported ty...
Mybb Mybb
5.8
CVSSv2
CVE-2019-20225
MyBB prior to 1.8.22 allows an open redirect on login.
Mybb Mybb
NA
CVE-2020-22612
Installer RCE on settings file write in MyBB prior to 1.8.22.
Mybb Mybb
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »