Filtered by vendor Mybb
Subscriptions
Filtered by product Mybb
Subscriptions
Total
124 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-8974 | 1 Mybb | 2 Merge System, Mybb | 2024-11-21 | N/A |
| SQL injection vulnerability in the Group Promotions module in the admin control panel in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2015-8973 | 1 Mybb | 2 Merge System, Mybb | 2024-11-21 | N/A |
| xmlhttp.php in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allows remote attackers to bypass intended access restrictions via vectors related to the forum password. | ||||
| CVE-2014-3827 | 1 Mybb | 1 Mybb | 2024-11-21 | 5.4 Medium |
| Multiple cross-site scripting (XSS) vulnerabilities in the MyBB (aka MyBulletinBoard) before 1.8.4 allow remote authenticated users to inject arbitrary web script or HTML via the title parameter in the (1) edit or (2) add action in the user-users module or the (3) finduser action or the name parameter in an (4) edit action in the user-user module or the (5) editprofile action to modcp.php. | ||||
| CVE-2014-3826 | 1 Mybb | 1 Mybb | 2024-11-21 | 5.4 Medium |
| Cross-site scripting (XSS) vulnerability in MyBB before 1.6.13 allows remote authenticated users to inject arbitrary web script or HTML via the name parameter in the edit action of the config-profile_fields module. | ||||