CVE-2018-25250

MyBB Last User's Threads in Profile Plugin 1.2 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts by crafting thread subjects with script tags. Attackers can create threads with script payloads in the subject field that execute when users...

CVE-2018-25250

CVE-2018-25250 affects the MyBB plugin “Last User’s Threads in Profile” version 1.2. The issue is a persistent XSS vulnerability whereby an attacker can inject malicious scripts by supplying script tags in the subject field of new threads. When users visit the attacker's profile page, the payload...

CVE-2018-25250 MyBB Last User's Threads in Profile Plugin 1.2 Persistent XSS

MyBB Last User's Threads in Profile Plugin 1.2 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts by crafting thread subjects with script tags. Attackers can create threads with script payloads in the subject field that execute when users...

CVE-2026-1644

CVE-2026-1644 pertains to the WP Frontend Profile plugin for WordPress, affected through version 1.3.8. The root cause is missing nonce validation in the update_action function, enabling Cross-Site Request Forgery. This allows unauthenticated attackers to influence user account registrations (app...

ai.aitia:arrowhead-application-library-java-spring (>=4.4.0.0 <=4.6.0.0), androidx.baselineprofile.apptarget:androidx.baselineprofile.apptarget.gradle.plugin (>=1.2.0-alpha12 <=1.2.0-alpha14) +2660 more potentially affected by CVE-2024-29371 via org.bitbucket.b_c:jose4j (>=0.4.1 <=0.9.5)

org.bitbucket.bc:jose4j MAVEN version =0.4.1, =4.4.0.0, =1.2.0-alpha12, =1.2.0-alpha12, =1.2.0-alpha12, =1.2.0-alpha12, =1.2.0-alpha07, =1.2.0-alpha12, =1.2.0-alpha07, =2.6.0, =2.6.0, =2.6.0, =1.0.0-alpha01, =1.0.0-alpha01,...

ai.aitia:arrowhead-application-library-java-spring (>=4.4.0.0 <=4.6.0.0), androidx.baselineprofile.apptarget:androidx.baselineprofile.apptarget.gradle.plugin (>=1.2.0-alpha12 <=1.2.0-alpha14) +2660 more potentially affected by CVE-2024-29371 via org.bitbucket.b_c:jose4j (>=0.4.1 <=0.9.5)

org.bitbucket.bc:jose4j MAVEN version =0.4.1, =4.4.0.0, =1.2.0-alpha12, =1.2.0-alpha12, =1.2.0-alpha12, =1.2.0-alpha12, =1.2.0-alpha07, =1.2.0-alpha12, =1.2.0-alpha07, =2.6.0, =2.6.0, =2.6.0, =1.0.0-alpha01, =1.0.0-alpha01,...

EUVD-2021-11434

Malware in sbrugna...

EUVD-2018-2309

Malware in sbrugna...

EUVD-2023-27904

Malicious code in bioql PyPI...

CVE-2019-15110

The wp-front-end-profile plugin before 0.2.2 for WordPress has XSS...

Multiple vulnerabilities in extension "mm_forum" (mm_forum)

The extension fails to properly encode user input for output in HTML context. Also the extension fails to implement a CSRF protection for update profile plugin...

WordPress WP Frontend Profile plugin <= 1.2.1 - Nonce Security Issue vulnerability

Nonce Security Issue vulnerability discovered by Julio Potier in WordPress WP Frontend Profile plugin versions = 1.2.1. Solution Update the WordPress WP Frontend Profile plugin to the latest available version at least 1.2.2...

CVE-2019-15111

The wp-front-end-profile plugin before 0.2.2 for WordPress has a privilege escalation issue...

MyBB Latest Posts on Profile Plugin 1.1 - Cross-Site Scripting

MyBB Latest Posts on Profile Plugin 1.1 - Cross-Site Scripting Exploit Title: MyBB Latest Posts on Profile Plugin v1.1 - Cross-Site Scripting Date: 4/20/2018 Author: 0xB9 Contact: luxorforums.com/User-0xB9 or 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=914...

MyBB Latest Posts on Profile Plugin 1.1 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: MyBB Latest Posts on Profile Plugin v1.1 - Cross-Site Scripting Author: 0xB9 Contact: luxorforums.com/User-0xB9 or 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=914 Version: 1.1 Tested on: Ubuntu...

MyBB Latest Posts On Profile 1.1 Cross Site Scripting

Exploit Title: MyBB Latest Posts on Profile Plugin v1.1 - Cross-Site Scripting Date: 4/20/2018 Author: 0xB9 Contact: luxorforums.com/User-0xB9 or 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=914 Version: 1.1 Tested on: Ubuntu 17.10 CVE: CVE-2018-10580 1...

MyBB Last Users Threads in Profile Plugin 1.2 - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: MyBB Last User's Threads in Profile Plugin v1.2 - Persistent XSS Author: 0xB9 Contact: luxorforums.com/User-0xB9 or 0xB9atprotonmail.com Software Link: https://community.mybb.com/mods.php?action=view&pid=910 Version: v1.2 Tested...

MyBB Profile Skype ID 1.0 Cross Site Scripting

Exploit Title: Profile Skype ID MyBB Plugin Stored XSS Date: 14/12/2012 Exploit Author: limb0 Vendor Homepage: http://www.dragonknightz.net/ Software Link: http://mods.mybb.com/view/user-profile-skype-id Version: 1.0 Category:Web Security Tested on: Linux...

Joomla! 1.51.6 - JFilterInput Cross-Site Scripting Bypass

Joomla! 1.51.6 - JFilterInput Cross-Site Scripting Bypass Exploit Title: Joomla! JFilterInput XSS Bypass Date: 1 February 2011 Author: Jeff Channell Software Link: http://www.joomla.org Version: 1.5.22, 1.6.0 Tested on: PHP5, MySQL5 Joomla! 1.5 and 1.6 rely on the JFilterInput class to sanitize...