Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mybb vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2008-3069
Multiple cross-site scripting (XSS) vulnerabilities in MyBB prior to 1.2.13 allow remote malicious users to inject arbitrary web script or HTML via unspecified parameters to (1) portal.php and (2) inc/functions_post.php.
Mybb Mybb
3.5
CVSSv2
CVE-2015-2149
Multiple cross-site scripting (XSS) vulnerabilities in the administrative backend in MyBB (aka MyBulletinBoard) prior to 1.8.4 allow remote authenticated users to inject arbitrary web script or HTML via the (1) MIME-type field in an add action in the config-attachment_types modul...
Mybb Mybb
4.3
CVSSv2
CVE-2015-2333
Cross-site scripting (XSS) vulnerability in the MyCode editor in MyBB (aka MyBulletinBoard) prior to 1.8.4 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Mybb Mybb
3.5
CVSSv2
CVE-2017-16781
The installer in MyBB prior to 1.8.13 has XSS.
Mybb Mybb
1 EDB exploit
7.5
CVSSv2
CVE-2008-3070
Unspecified vulnerability in inc/datahandler/user.php in MyBB prior to 1.2.13 has unknown impact and attack vectors related to the $user['language'] variable, probably related to SQL injection.
Mybb Mybb
7.5
CVSSv2
CVE-2008-3071
Directory traversal vulnerability in inc/class_language.php in MyBB prior to 1.2.13 has unknown impact and attack vectors related to the $language variable.
Mybb Mybb
4.3
CVSSv2
CVE-2015-4552
Cross-site scripting (XSS) vulnerability in the quick edit function in xmlhttp.php in MyBB (aka MyBulletinBoard) prior to 1.8.5 allows remote malicious users to inject arbitrary web script or HTML via the content of a post.
Mybb Mybb
4
CVSSv2
CVE-2017-7566
MyBB prior to 1.8.11 allows remote malicious users to bypass an SSRF protection mechanism.
Mybb Mybb
3.5
CVSSv2
CVE-2021-27279
MyBB prior to 1.8.25 allows stored XSS via nested [email] tags with MyCode (aka BBCode).
Mybb Mybb
5
CVSSv2
CVE-2017-8104
In MyBB prior to 1.8.11, the smilie module allows Directory Traversal via the pathfolder parameter.
Mybb Mybb
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »