Lucene search
K

52 matches found

CVE
CVE
added 2017/01/31 10:0 p.m.45 views

CVE-2016-9406

CVE-2016-9406 is an XSS vulnerability in the MyBB User Control Panel (and MyBB Merge System) before version 1.8.7, allowing remote attackers to inject arbitrary web script or HTML via unspecified vectors. The NVD entry lists impact as user-level confidentiality and integrity issues with low avail...

6.1CVSS6.2AI score0.01273EPSS
Exploits0References4Affected Software2
Cvelist
Cvelist
added 2017/01/31 10:0 p.m.22 views

CVE-2016-9417

The fetchremotefile function in MyBB aka MyBulletinBoard before 1.8.8 and MyBB Merge System before 1.8.8 allows remote attackers to conduct server-side request forgery SSRF attacks via unspecified vectors...

7.4AI score0.01651EPSS
Exploits0References4
Cvelist
Cvelist
added 2017/01/31 10:0 p.m.21 views

CVE-2016-9410

MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to obtain sensitive database information via vectors involving templates...

7.4AI score0.02245EPSS
Exploits0References4
Cvelist
Cvelist
added 2017/01/31 10:0 p.m.28 views

CVE-2016-9420

MyBB aka MyBulletinBoard before 1.8.8 and MyBB Merge System before 1.8.8 allow remote attackers to have unspecified impact via vectors related to "loose comparison false positives."...

9.7AI score0.02563EPSS
Exploits0References4
Cvelist
Cvelist
added 2017/01/31 10:0 p.m.23 views

CVE-2016-9418

MyBB aka MyBulletinBoard before 1.8.8 on Windows and MyBB Merge System before 1.8.8 on Windows might allow remote attackers to obtain sensitive information from ACP backups via vectors involving a short name...

7.3AI score0.02283EPSS
Exploits0References4
CVE
CVE
added 2017/01/31 10:0 p.m.44 views

CVE-2016-9415

CVE-2016-9415 affects MyBB (MyBulletinBoard) on Windows prior to version 1.8.8 and MyBB Merge System on Windows prior to 1.8.8. The issue allows remote attackers to overwrite arbitrary CSS files via vectors related to “style import.” The root cause is not detailed here beyond the style import mec...

7.5CVSS7.4AI score0.01861EPSS
Exploits0References4Affected Software2
CVE
CVE
added 2017/01/31 10:0 p.m.48 views

CVE-2016-9403

The CVE-2016-9403 issue affects MyBB (MyBulletinBoard) releases prior to 1.8.7 and the MyBB Merge System prior to 1.8.7. The root cause is a missing permission check in newreply.php, allowing remote attackers to impact the system in an unspecified way. The vulnerability is described with a high/c...

9.8CVSS9.6AI score0.02563EPSS
Exploits0References4Affected Software2
CVE
CVE
added 2017/01/31 10:0 p.m.45 views

CVE-2016-9410

CVE-2016-9410 relates to information disclosure in MyBB (MyBulletinBoard) prior to 1.8.7 and MyBB Merge System prior to 1.8.7. The issue allows remote attackers to obtain sensitive database information through vectors involving templates. This entry is supported by multiple sources (NVD/NVD-deriv...

7.5CVSS7.6AI score0.02245EPSS
Exploits0References4Affected Software2
CVE
CVE
added 2017/01/31 10:0 p.m.54 views

CVE-2015-8973

CVE-2015-8973 affects MyBB (MyBulletinBoard) up to before 1.6.18 and 1.8.x before 1.8.6, including MyBB Merge System before 1.8.6. The issue allows remote attackers to bypass intended access restrictions via vectors related to the forum password in xmlhttp.php, potentially enabling unauthorized a...

8.3CVSS7.9AI score0.01631EPSS
Exploits0References4Affected Software2
CVE
CVE
added 2017/01/31 10:0 p.m.47 views

CVE-2016-9416

CVE-2016-9416 — SQL injection in the MyBB users data handler (MyBB/MyBulletinBoard) prior to 1.8.8 and Merge System prior to 1.8.8. The vulnerability allows remote attackers to execute arbitrary SQL commands via unspecified vectors due to improper handling of input in the users data handler. Affe...

9.8CVSS9.8AI score0.02116EPSS
Exploits0References4Affected Software2
CVE
CVE
added 2017/01/31 10:0 p.m.50 views

CVE-2016-9414

CVE-2016-9414 affects MyBB (MyBulletinBoard) prior to 1.8.7 and MyBB Merge System prior to 1.8.7, enabling information disclosure via missing directory listing protection in upload directories. The vulnerability is an information disclosure issue; the provided documents do not specify exploit cod...

7.5CVSS7.8AI score0.02283EPSS
Exploits0References4Affected Software2
Cvelist
Cvelist
added 2017/01/31 10:0 p.m.21 views

CVE-2016-9412

MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 allow attackers to have unspecified impact via vectors related to low adminsid and sid entropy...

9.7AI score0.02168EPSS
Exploits0References4
Rows per page
Query Builder