Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
layerbb vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-17988
LayerBB 1.1.1 and 1.1.3 has SQL Injection via the search.php search_query parameter.
Layerbb Layerbb 1.1.1
Layerbb Layerbb 1.1.3
8.8
CVSSv3
CVE-2019-16531
LayerBB prior to 1.1.4 has multiple CSRF issues, as demonstrated by changing the System Settings via admin/general.php.
Layerbb Layerbb
1 EDB exploit
1 Github repository
9.8
CVSSv3
CVE-2019-13973
LayerBB 1.1.3 allows admin/general.php arbitrary file upload because the custom_logo filename suffix is not restricted, and .php may be used.
Layerbb Layerbb 1.1.3
8.8
CVSSv3
CVE-2019-13974
LayerBB 1.1.3 allows conversations.php/cmd/new CSRF.
Layerbb Layerbb 1.1.3
6.1
CVSSv3
CVE-2019-13972
LayerBB 1.1.3 allows XSS via the application/commands/new.php pm_title variable, a related issue to CVE-2019-17997.
Layerbb Layerbb 1.1.3
6.5
CVSSv3
CVE-2018-17996
LayerBB prior to 1.1.3 allows CSRF for adding a user via admin/new_user.php, deleting a user via admin/members.php/delete_user/, and deleting content via mod/delete.php/.
Layerbb Layerbb 1.1.2
1 EDB exploit
6.1
CVSSv3
CVE-2018-17997
LayerBB 1.1.1 allows XSS via the titles of conversations (PMs).
Layerbb Layerbb 1.1.1
1 EDB exploit
NA
CVE-2019-76881
LayerBB version 1.1.2 suffers from a cross site scripting vulnerability.
NA
CVE-2018-179971
LayerBB version 1.1.1 suffers from a cross site scripting vulnerability.
NA
CVE-2019-165311
LayerBB version 1.1.3 suffers from a cross site request forgery vulnerability.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400
CVE-2023-7252
CVE-2024-21111
denial of service
CVE-2024-29661
CVE-2024-22856
remote attackers
encryption
CVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »