Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
3.5
CVSSv2

CVE-2018-10365

Published: 01/05/2018 Updated: 05/06/2018
CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8
CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3
VMScore: 355
Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N

Vulnerability Summary

An XSS issue exists in the Threads to Link plugin 1.3 for MyBB. When editing a thread, the user is given the option to convert the thread to a link. The thread link input box is not properly sanitized.

Vulnerable Product Search on Vulmon Subscribe to Product

threads to link project threads to link 1.3

Exploits

Exploit DB: MyBB Threads to Link Plugin 1.3 - Cross-Site Scripting
# Exploit Title: MyBB Threads to Link Plugin v13 - Persistent XSS # Date: 3/15/2018 # Author: 0xB9 # Contact: luxorforumscom/User-0xB9 or 0xB9[at]protonmailcom # Software Link: communitymybbcom/modsphp?action=view&pid=1065 # Version: v13 # Tested on: Ubuntu 1710 CVE: CVE-2018-10365 1 Description: When editing a thread the use ...

References

CWE-79https://www.exploit-db.com/exploits/44547/https://nvd.nist.govhttps://www.exploit-db.com/exploits/44547/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypassCVE-2024-30043cameraCVE-2023-40404CVE-2024-2793client sideCVE-2024-4469CVE-2024-3565CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook