MyBB New Threads Plugin 1.1 - Cross-Site Scripting

MyBB New Threads Plugin 1.1 - Cross-Site Scripting Exploit Title: MyBB New Threads Plugin - Cross-Site Scripting Date: 7/16/2018 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=1143 Version: 1.1 Tested on: Ubuntu 18.04 CVE:...

MyBB New Threads Plugin 1.1 - Cross-Site Scripting

Exploit Title: MyBB New Threads Plugin - Cross-Site Scripting Date: 7/16/2018 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=1143 Version: 1.1 Tested on: Ubuntu 18.04 CVE: CVE-2018-14392 1. Description: New Threads is a plugi...

Use-After-free Vulnerability

libcurl.so is vulnerable to use after-free vulnerability. The attack is possible when cookies are shared among many easy handles simultaneously used in different threads...

MyBB Recent Threads plugin cross-site scripting vulnerability

MyBB aka MyBulletinBoard is a free and web-based forum software developed by the MyBB team using PHP and MySQL.Recent Threads plugin is used in which a plugin for displaying recent and unread messages. A cross-site scripting vulnerability exists in versions of the MyBB Recent Threads plugin prior...

CVE-2017-5392

Weak proxy objects have weak references on multiple threads when they should only have them on one, resulting in incorrect memory usage and corruption, which leads to potentially exploitable crashes. Note: This issue only affects Firefox for Android. Other operating systems are not affected. This...

CVE-2017-5392

Weak proxy objects have weak references on multiple threads when they should only have them on one, resulting in incorrect memory usage and corruption, which leads to potentially exploitable crashes. Note: This issue only affects Firefox for Android. Other operating systems are not affected. This...

MyBB Recent Threads Plugin 1.0 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: MyBB Recent Threads Plugin v1.0 - Cross-Site Scripting Date: 6/2/2018 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=842 Version: 1.0 Tested on: Ubuntu 18.0...

Apple macOS Kernel - Use-After-Free Due to Lack of Locking in nvidia GeForce Driver

Apple macOS Kernel - Use-After-Free Due to Lack of Locking in nvidia GeForce Driver / nvDevice::SetAppSupportBits is external method 0x107 of the nvAccelerator IOService. It calls taskdeallocate without locking. Two threads can race calling this external method to drop two task references when on...

MyBB Recent Threads Plugin 1.0 - Cross-Site Scripting

MyBB Recent Threads Plugin 1.0 - Cross-Site Scripting Exploit Title: MyBB Recent Threads Plugin v1.0 - Cross-Site Scripting Date: 6/2/2018 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=842 Version: 1.0 Tested on: Ubuntu 18.0...

MyBB Recent Threads 1.0 Cross Site Scripting

Exploit Title: MyBB Recent Threads Plugin v1.0 - Cross-Site Scripting Date: 6/2/2018 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=842 Version: 1.0 Tested on: Ubuntu 18.04 CVE: CVE-2018-11715 1. Description: Creates a page...

MyBB Recent Threads Plugin 1.0 - Cross-Site Scripting

Exploit Title: MyBB Recent Threads Plugin v1.0 - Cross-Site Scripting Date: 6/2/2018 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=842 Version: 1.0 Tested on: Ubuntu 18.04 CVE: CVE-2018-11715 1. Description: Creates a page...

Cross site scripting

The Recent Threads plugin before 1.1 for MyBB allows XSS via a thread subject...

CVE-2018-11715

The Recent Threads plugin before 1.1 for MyBB allows XSS via a thread subject...

CVE-2018-11715

The Recent Threads plugin before 1.1 for MyBB allows XSS via a thread subject...

CVE-2018-11715

The CVE-2018-11715 entry corresponds to a cross-site scripting vulnerability in the MyBB Recent Threads plugin (pre-1.1). Affected component: MyBB Recent Threads plugin for MyBB; root cause: insufficient validation of user-submitted input in thread subjects, leading to XSS. Impact details in sour...

CVE-2018-11715

The Recent Threads plugin before 1.1 for MyBB allows XSS via a thread subject...

MyBB Threads to Link plugin cross-site scripting vulnerability

MyBB aka MyBulletinBoard is a free and web-based forum software developed by the MyBB team using PHP and MySQL.Threads to Link plugin is a use in which a timeline link to add plug-ins. A cross-site scripting vulnerability exists in version 1.3 of the MyBB Threads to Link plugin, which stems from...

MyBB Latest Posts on Profile Plugin 1.1 - Cross-Site Scripting

Exploit Title: MyBB Latest Posts on Profile Plugin v1.1 - Cross-Site Scripting Date: 4/20/2018 Author: 0xB9 Contact: luxorforums.com/User-0xB9 or 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=914 Version: 1.1 Tested on: Ubuntu 17.10 CVE: CVE-2018-10580 1...

EulerOS 2.0 SP1 : python (EulerOS-SA-2018-1078)

According to the version of the python packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a Heap-Use-After-Free. Python versions prior to 2.7.14 may also be vulnerable and ...

CVE-2018-10365

An XSS issue was discovered in the Threads to Link plugin 1.3 for MyBB. When editing a thread, the user is given the option to convert the thread to a link. The thread link input box is not properly sanitized...