Cross site scripting

Cross-site scripting XSS vulnerability in the User control panel in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in the Admin control panel in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to inject arbitrary web script or HTML via vectors involving pruning logs...

CVE-2016-9407

Cross-site scripting XSS vulnerability in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to inject arbitrary web script or HTML via vectors involving Mod control panel logs...

CVE-2016-9419

CVE-2016-9419 affects MyBB (aka MyBulletinBoard) Admin control panel and the Merge System, with vulnerable versions before 1.8.8. The vulnerability is a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. The connected docum...

CVE-2016-9419

Cross-site scripting XSS vulnerability in the Admin control panel in MyBB aka MyBulletinBoard before 1.8.8 and MyBB Merge System before 1.8.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2016-9413

The Admin control panel in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to conduct clickjacking attacks via unspecified vectors...

CVE-2016-9421

CVE-2016-9421 describes a cross-site scripting (XSS) vulnerability in the MyBB Admin control panel, specifically in the Users module, prior to version 1.8.8 (and MyBB Merge System prior to 1.8.8). The root cause is an XSS condition that could allow remote attackers to inject arbitrary web script ...

CVE-2016-9408

CVE-2016-9408 is an XSS vulnerability in the MyBB Mod control panel (and MyBB Merge System) prior to 1.8.7. The issue allows remote attackers to inject arbitrary web script/HTML via vectors involving editing users. Affected software: MyBB (MyBulletinBoard) up to version 1.8.7. Root cause details ...

CVE-2016-9407

Summary of CVE-2016-9407 : A cross-site scripting (XSS) vulnerability in MyBB (My Bulletin Board) prior to version 1.8.7 and in MyBB Merge System prior to 1.8.7. The issue allows remote attackers to inject arbitrary web script or HTML via vectors involving Mod control panel logs. Affected compone...

CVE-2016-9411

The Admin control panel in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to obtain the installation path via vectors involving sending mails...

CVE-2015-8974

The CVE affects MyBB (MyBulletinBoard) and relates to a SQL injection in the Group Promotions module of the admin control panel. Affected versions are MyBB before 1.6.18 and 1.8.x before 1.8.6; the issue allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Root cause...

CVE-2016-9409

Cross-site scripting XSS vulnerability in the Admin control panel in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to inject arbitrary web script or HTML via vectors involving pruning logs...

CVE-2016-9411

CVE-2016-9411 affects MyBB (MyBulletinBoard) Admin control panel and MyBB Merge System prior to version 1.8.7. The vulnerability allows remote attackers to disclose the installation path through vectors involving sending mails. The incident is documented in NVD with CVSS v2 base score 5.0 (Partia...

CVE-2016-9413

The CVE-2016-9413 entry affects MyBB Admin control panel and MyBB Merge System prior to 1.8.7. The underlying issue is clickjacking via unspecified vectors, enabling remote attackers to perform clickjacking against affected admin interfaces. The vulnerable components are the Admin control panel a...

CVE-2016-9409

CV E-2016-9409 is an XSS vulnerability in the admin control panel of MyBB (and MyBB Merge System) before version 1.8.7. The flaw allows remote attackers to inject arbitrary web script or HTML via vectors involving pruning logs. It affects MyBB prior to 1.8.7, with impact limited to client-side sc...

CVE-2014-8362

Vivint Sky Control Panel 1.1.1.9926 allows remote attackers to enable and disable the alarm system and modify other security settings via the Web-enabled interface...

CVE-2014-8362

Vivint Sky Control Panel 1.1.1.9926 allows remote attackers to enable and disable the alarm system and modify other security settings via the Web-enabled interface...

Design/Logic Flaw

Vivint Sky Control Panel 1.1.1.9926 allows remote attackers to enable and disable the alarm system and modify other security settings via the Web-enabled interface...

CVE-2014-8362

Vivint Sky Control Panel 1.1.1.9926 allows remote attackers to enable and disable the alarm system and modify other security settings via the Web-enabled interface...

CVE-2014-8362

The CVE-2014-8362 entry affects Vivint Sky Control Panel 1.1.1.9926 and describes a vulnerability where remote attackers can enable/disable the alarm system and modify other security settings through the Web-enabled interface. The connected documents corroborate a web-accessible vulnerability wit...