5 matches found
MyBB Directory Traversal Vulnerability (CNVD-2017-06579)
MyBB is a popular web-based very good free forum software developed with PHP and MySQL. A directory traversal vulnerability exists in the smilie module in MyBB versions prior to 1.8.11. The vulnerability can be exploited to browse files with the 'pathfolder' parameter...
MyBB cross-site scripting vulnerability (CNVD-2017-06578)
MyBB is a popular web-based very good free forum software developed with PHP and MySQL. A cross-site scripting vulnerability exists in the Email MyCode component in MyBB versions prior to 1.8.11. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...
CVE-2017-8103
In MyBB before 1.8.11, the Email MyCode component allows XSS, as demonstrated by an onmouseover event...
MyBB Cross-Site Scripting Vulnerability (CNVD-2017-05600)
MyBB is a popular web-based very good free forum software developed with PHP and MySQL. A cross-site scripting vulnerability exists in versions of MyBB prior to 1.8.11, which allows remote attackers to inject arbitrary web script or HTML via the content of a post...
wireshark: TCP dissector crash (wnpa-sec-2013-65)
epan/dissectors/packet-tcp.c in the TCP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly determine the amount of remaining data, which allows remote attackers to cause a denial of service application crash via a crafted packet...