18 matches found
EUVD-2022-46691
Malicious code in bioql PyPI...
CVE-2022-43709
MyBB 1.8.31 has a SQL injection vulnerability in the Admin CP's Users module allows remote authenticated users to modify the query string via direct user input or stored search filter settings...
CVE-2022-43707
MyBB 1.8.31 has a Cross-site scripting XSS vulnerability in the visual MyCode editor SCEditor allows remote attackers to inject HTML via user input or stored data...
MyBB File Name Cross-Site Scripting Vulnerability
MyBB MyBulletinBoard is a free and web-based forum software developed by MYBB team using PHP and MySQL. The software is characterized by its simplicity, multi-language support and extensibility. A cross-site scripting vulnerability exists in MyBB before version 1.8.31, which stems from the lack o...
CVE-2022-43707
MyBB 1.8.31 has a Cross-site scripting XSS vulnerability in the visual MyCode editor SCEditor allows remote attackers to inject HTML via user input or stored data...
MyBB 跨站脚本漏洞
MyBB MyBulletinBoard is a free and web-based forum software developed by MYBB team using PHP and MySQL. The software is characterized by its simplicity, multi-language support and extensibility. A cross-site scripting vulnerability exists in MyBB before version 1.8.31, which stems from the lack o...
PT-2022-27013 · Mybb · Mybb
Name of the Vulnerable Software and Affected Versions: MyBB version 1.8.31 Description: The issue allows remote attackers to inject HTML via user input or stored data due to a Cross-site scripting XSS vulnerability in the visual MyCode editor SCEditor. Recommendations: For MyBB version 1.8.31, as...
CVE-2022-43709
Summary of CVE-2022-43709 : MyBB 1.8.31 contains a SQL injection vulnerability in the Admin CP → Users module. The issue allows remote authenticated users to modify the query string via direct user input or stored search filter settings, enabling partial data integrity impact as described in the ...
CVE-2022-43708
CVE-2022-43708 affects MyBB 1.8.31. The issue is a cross-site scripting vulnerability in the post Attachments interface that lets an attacker inject HTML by tricking a user into uploading a file with a specially crafted name. Root cause noted as insufficient input filtering/escaping for attachmen...
PT-2022-27014 · Mybb · Mybb
Name of the Vulnerable Software and Affected Versions: MyBB version 1.8.31 Description: The issue allows attackers to inject HTML by persuading the user to upload a file with a specially crafted name, exploiting cross-site scripting XSS vulnerabilities in the post Attachments interface...
PT-2022-27015 · Mybb · Mybb
Name of the Vulnerable Software and Affected Versions: MyBB version 1.8.31 Description: The issue allows remote authenticated users to modify the query string via direct user input or stored search filter settings in the Admin CP's Users module, resulting in a SQL injection vulnerability...
PT-2022-24855 · Mybb · Mybb
Name of the Vulnerable Software and Affected Versions: MyBB versions prior to 1.8.31 Description: The issue in MyBB allows access to sensitive information and Remote Code Execution RCE through the mail parameters setting value in the Mail Settings → Additional Parameters for PHP's mail function, ...
Exploit for Off-by-one Error in Sudo_Project Sudo
CVE-2021-3156: Heap-Based Buffer Overflow in Sudo Baron Samed...
Exploit for Off-by-one Error in Sudo_Project Sudo
CVE-2021-3156 Root shell PoC for CVE-2021-3156 no brutef...
WordPress 跨站脚本漏洞
WordPress is a set of blogging platforms developed by the WordPress Foundation using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. WordPress My Tickets plugin in versions prior to 1.8.31 suffers from a cross-site scripting vulnerability...
Exploit for Off-by-one Error in Sudo_Project Sudo
CVE-2021-3156 Introduction This repository was created f...
Exploit for Off-by-one Error in Sudo_Project Sudo
CVE-2021-3156 Root shell PoC for CVE-2021-3156 no brutef...
Exploit for Off-by-one Error in Sudo_Project Sudo
PoC exploit for CVE-2021-3156, a vulnerability in the Linux kern...