9 matches found
BIT-MYBB-2020-19048
Cross Site Scripting XSS in MyBB v1.8.20 allows remote attackers to inject arbitrary web script or HTML via the "Title" field found in the "Add New Forum" page by doing an authenticated POST HTTP request to '/Upload/admin/index.php?module=forum-management&action=add'...
BIT-MYBB-2020-19049
Cross Site Scripting XSS in MyBB v1.8.20 allows remote attackers to inject arbitrary web script or HTML via the "Description" field found in the "Add New Forum" page by doing an authenticated POST HTTP request to '/Upload/admin/index.php?module=forum-management&action=add'...
myBB forums 1.8.26 - Stored Cross-Site Scripting Vulnerability
Exploit Title: myBB forums 1.8.26 - Stored Cross-Site Scripting XSS Exploit Author: Andrey Stoykov Software Link: https://mybb.com/versions/1.8.26/ Version: 1.8.26 Tested on: Ubuntu 20.04 Stored XSS 1: To reproduce do the following: 1. Login as administrator user 2. Browse to "Templates and Style...
CVE-2020-19048
Cross Site Scripting XSS in MyBB v1.8.20 allows remote attackers to inject arbitrary web script or HTML via the "Title" field found in the "Add New Forum" page by doing an authenticated POST HTTP request to '/Upload/admin/index.php?module=forum-management&action=add'...
CVE-2020-19048
Cross Site Scripting XSS in MyBB v1.8.20 allows remote attackers to inject arbitrary web script or HTML via the "Title" field found in the "Add New Forum" page by doing an authenticated POST HTTP request to '/Upload/admin/index.php?module=forum-management&action=add'...
CVE-2020-19049
Cross Site Scripting XSS in MyBB v1.8.20 allows remote attackers to inject arbitrary web script or HTML via the "Description" field found in the "Add New Forum" page by doing an authenticated POST HTTP request to '/Upload/admin/index.php?module=forum-management&action=add'...
Cross site scripting
Cross Site Scripting XSS in MyBB v1.8.20 allows remote attackers to inject arbitrary web script or HTML via the "Description" field found in the "Add New Forum" page by doing an authenticated POST HTTP request to '/Upload/admin/index.php?module=forum-management&action=add'...
CVE-2020-19049
Cross Site Scripting XSS in MyBB v1.8.20 allows remote attackers to inject arbitrary web script or HTML via the "Description" field found in the "Add New Forum" page by doing an authenticated POST HTTP request to '/Upload/admin/index.php?module=forum-management&action=add'...
MYBB 1.6 (admin/index.php) XSS Vulnerabilities
Exploit for php platform in category web applications ============================================== MYBB 1.6 admin/index.php XSS Vulnerabilities ============================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, ...