Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
0xb9 vulnerabilities and exploits
(subscribe to this query)
685
VMScore
CVE-2019-16531
LayerBB prior to 1.1.4 has multiple CSRF issues, as demonstrated by changing the System Settings via admin/general.php.
Layerbb Layerbb
1 EDB exploit
1 Github repository
685
VMScore
CVE-2018-14575
Trash Bin plugin 1.1.3 for MyBB has cross-site scripting (XSS) via a thread subject and a cross-site request forgery (CSRF) via a post subject.
Mybb Trash Bin 1.1.3
1 EDB exploit
585
VMScore
CVE-2018-17996
LayerBB prior to 1.1.3 allows CSRF for adding a user via admin/new_user.php, deleting a user via admin/members.php/delete_user/, and deleting content via mod/delete.php/.
Layerbb Layerbb 1.1.2
1 EDB exploit
585
VMScore
CVE-2018-11502
An issue exists in the Moderator Log Notes plugin 1.1 for MyBB. It allows moderators to save notes and display them in a list in the modCP. An attacker can remotely delete all mod notes and mod note logs in the modCP and ACP via CSRF.
Moderator Log Notes Project Moderator Log Notes 1.1
1 EDB exploit
435
VMScore
CVE-2018-17997
LayerBB 1.1.1 allows XSS via the titles of conversations (PMs).
Layerbb Layerbb 1.1.1
1 EDB exploit
435
VMScore
CVE-2019-9650
An XSS issue exists in upcoming_events.php in the Upcoming Events plugin prior to 1.33 for MyBB via a crafted name for an event.
Upcoming Events Project Upcoming Events
1 EDB exploit
435
VMScore
CVE-2019-6979
An issue exists in the User IP History Logs (aka IP_History_Logs) plugin 1.0.2 for MyBB. There is XSS via the admin/modules/tools/ip_history_logs.php useragent field.
Ip History Logs Project Ip History Logs 1.0.2
1 EDB exploit
435
VMScore
CVE-2018-15596
An issue exists in inc/class_feedgeneration.php in MyBB 1.8.17. On the forum RSS Syndication page, one can generate a URL such as http://localhost/syndication.php?fid=&type=atom1.0&limit=15. The thread titles (within title elements of the generated XML documents) aren...
Mybb Mybb 1.8.17
1 EDB exploit
435
VMScore
CVE-2018-14888
inc/plugins/thankyoulike.php in the Eldenroot Thank You/Like plugin prior to 3.1.0 for MyBB allows XSS via a post or thread subject.
Thank You\\/like Project Thank You\\/like
1 EDB exploit
435
VMScore
CVE-2018-14392
The New Threads plugin prior to 1.2 for MyBB has XSS.
Mybb New Threads
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »