Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
0xb9 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-16531
LayerBB prior to 1.1.4 has multiple CSRF issues, as demonstrated by changing the System Settings via admin/general.php.
Layerbb Layerbb
1 EDB exploit
1 Github repository
8.8
CVSSv3
CVE-2018-14575
Trash Bin plugin 1.1.3 for MyBB has cross-site scripting (XSS) via a thread subject and a cross-site request forgery (CSRF) via a post subject.
Mybb Trash Bin 1.1.3
1 EDB exploit
7.8
CVSSv3
CVE-2022-48658
In the Linux kernel, the following vulnerability has been resolved: mm: slub: fix flush_cpu_slab()/__free_slab() invocations in task context. Commit 5a836bf6b09f ("mm: slub: move flush_cpu_slab() invocations __free_slab() invocations out of IRQ context") moved all flush...
Linux Linux Kernel
6.5
CVSSv3
CVE-2018-17996
LayerBB prior to 1.1.3 allows CSRF for adding a user via admin/new_user.php, deleting a user via admin/members.php/delete_user/, and deleting content via mod/delete.php/.
Layerbb Layerbb 1.1.2
1 EDB exploit
6.5
CVSSv3
CVE-2018-11502
An issue exists in the Moderator Log Notes plugin 1.1 for MyBB. It allows moderators to save notes and display them in a list in the modCP. An attacker can remotely delete all mod notes and mod note logs in the modCP and ACP via CSRF.
Moderator Log Notes Project Moderator Log Notes 1.1
1 EDB exploit
6.1
CVSSv3
CVE-2022-28354
In the Active Threads Plugin 1.3.0 for MyBB, the activethreads.php date parameter is vulnerable to XSS when setting a time period.
Mybb Active Threads 1.3.0
6.1
CVSSv3
CVE-2022-28353
In the External Redirect Warning Plugin 1.3 for MyBB, the redirect URL (aka external.php?url=) is vulnerable to XSS.
External Redirect Warning Project External Redirect Warning 1.3
6.1
CVSSv3
CVE-2018-17997
LayerBB 1.1.1 allows XSS via the titles of conversations (PMs).
Layerbb Layerbb 1.1.1
1 EDB exploit
6.1
CVSSv3
CVE-2019-9650
An XSS issue exists in upcoming_events.php in the Upcoming Events plugin prior to 1.33 for MyBB via a crafted name for an event.
Upcoming Events Project Upcoming Events
1 EDB exploit
6.1
CVSSv3
CVE-2019-6979
An issue exists in the User IP History Logs (aka IP_History_Logs) plugin 1.0.2 for MyBB. There is XSS via the admin/modules/tools/ip_history_logs.php useragent field.
Ip History Logs Project Ip History Logs 1.0.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »