Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
0xb9 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2018-11502
An issue exists in the Moderator Log Notes plugin 1.1 for MyBB. It allows moderators to save notes and display them in a list in the modCP. An attacker can remotely delete all mod notes and mod note logs in the modCP and ACP via CSRF.
Moderator Log Notes Project Moderator Log Notes 1.1
1 EDB exploit
6.1
CVSSv3
CVE-2018-14888
inc/plugins/thankyoulike.php in the Eldenroot Thank You/Like plugin prior to 3.1.0 for MyBB allows XSS via a post or thread subject.
Thank You\\/like Project Thank You\\/like
1 EDB exploit
6.1
CVSSv3
CVE-2018-14392
The New Threads plugin prior to 1.2 for MyBB has XSS.
Mybb New Threads
1 EDB exploit
5.4
CVSSv3
CVE-2018-11715
The Recent Threads plugin prior to 1.1 for MyBB allows XSS via a thread subject.
Recent Threads Project Recent Threads
1 EDB exploit
6.1
CVSSv3
CVE-2018-11532
An issue exists in the ChangUonDyU Advanced Statistics plugin 1.0.2 for MyBB. changstats.php has XSS, as demonstrated by a subject field.
Changuondyu Advanced Statistics Project Changuondyu Advanced Statistics 1.0.2
1 EDB exploit
5.4
CVSSv3
CVE-2018-10580
The "Latest Posts on Profile" plugin 1.1 for MyBB has XSS because there is an added section in a user profile that displays that user's most recent posts without sanitizing the tsubject (aka thread subject) field.
Latest Posts On Profile Project Latest Posts On Profile 1.1
1 EDB exploit
5.4
CVSSv3
CVE-2018-10365
An XSS issue exists in the Threads to Link plugin 1.3 for MyBB. When editing a thread, the user is given the option to convert the thread to a link. The thread link input box is not properly sanitized.
Threads To Link Project Threads To Link 1.3
1 EDB exploit
6.1
CVSSv3
CVE-2018-10366
An issue exists in the Users (aka Front-end user management) plugin 1.4.5 for October CMS. XSS exists in the name field.
User Project User 1.4.5
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5