Lucene search
+L

129 matches found

0day.today
0day.today
added 2023/04/03 12:0 a.m.247 views

MyBB 1.8.32 - Remote Code Execution (Authenticated) Exploit

Exploit Title: MyBB 1.8.32 - Chained LFI Remote Code Execution RCE Authenticated Exploit Author: lUc1f3r11 https://github.com/FDlucifer Vendor Homepage: https://mybb.com/ Software Link: https://github.com/mybb/mybb/releases/tag/mybb1832 Version: MyBB 1.8.32 Tested on: Linux CVE : N/A Detailed...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/03 12:0 a.m.365 views

MyBB 1.8.32 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: MyBB 1.8.32 - Chained LFI Remote Code Execution RCE Authenticated Date: 2023-01-19 Exploit Author: lUc1f3r11 https://github.com/FDlucifer Vendor Homepage: https://mybb.com/ Software Link: https://github.com/mybb/mybb/releases/tag/mybb1832 Version: MyBB 1.8.32 Tested on: Linux CVE :...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2023/01/04 12:0 a.m.17 views

MyBB < 1.8.33 Directory Traversal Vulnerability

MyBB is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mybb:mybb"; ifdescription...

7.2CVSS7AI score0.01497EPSS
Exploits0References1
NVD
NVD
added 2023/01/03 8:15 p.m.20 views

CVE-2022-45867

MyBB before 1.8.33 allows Directory Traversal. The Admin CP Languages module allows remote authenticated users, with high privileges, to achieve local file inclusion and execution...

7.2CVSS6.8AI score0.01497EPSS
Exploits0References1
Prion
Prion
added 2023/01/03 8:15 p.m.26 views

Directory traversal

MyBB before 1.8.33 allows Directory Traversal. The Admin CP Languages module allows remote authenticated users, with high privileges, to achieve local file inclusion and execution...

5.8CVSS6.8AI score0.01497EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2022/11/22 12:15 a.m.33 views

CVE-2022-43709

MyBB 1.8.31 has a SQL injection vulnerability in the Admin CP's Users module allows remote authenticated users to modify the query string via direct user input or stored search filter settings...

4.9CVSS0.00645EPSS
Exploits0References2
Prion
Prion
added 2022/11/22 12:15 a.m.27 views

Sql injection

MyBB 1.8.31 has a SQL injection vulnerability in the Admin CP's Users module allows remote authenticated users to modify the query string via direct user input or stored search filter settings...

3.3CVSS5.3AI score0.00645EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/11/21 12:0 a.m.29 views

CVE-2022-43709

MyBB 1.8.31 has a SQL injection vulnerability in the Admin CP's Users module allows remote authenticated users to modify the query string via direct user input or stored search filter settings...

5.6AI score0.00645EPSS
Exploits0References2
CVE
CVE
added 2022/11/21 12:0 a.m.85 views

CVE-2022-43709

Summary of CVE-2022-43709 : MyBB 1.8.31 contains a SQL injection vulnerability in the Admin CP → Users module. The issue allows remote authenticated users to modify the query string via direct user input or stored search filter settings, enabling partial data integrity impact as described in the ...

4.9CVSS5.3AI score0.00645EPSS
Exploits0References2Affected Software1
OpenVAS
OpenVAS
added 2022/10/10 12:0 a.m.16 views

MyBB < 1.8.31 RCE Vulnerability (GHSA-hxhm-rq9f-7xj7)

MyBB is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mybb:mybb";...

7.2CVSS7.3AI score0.02248EPSS
Exploits1References1
Prion
Prion
added 2022/10/06 6:16 p.m.29 views

Double free

MyBB is a free and open source forum software. The Mail Settings ? Additional Parameters for PHP's mail function mailparameters setting value, in connection with the configured mail program's options and behavior, may allow access to sensitive information and Remote Code Execution RCE. The...

5.8CVSS7.1AI score0.02248EPSS
Exploits1References4Affected Software1
0day.today
0day.today
added 2022/05/12 12:0 a.m.329 views

MyBB 1.8.29 - MyBB 1.8.29 - Remote Code Execution (Authenticated) Exploit

Exploit Title: MyBB 1.8.29 - Remote Code Execution RCE Authenticated Exploit Author: Altelus Vendor Homepage: https://mybb.com/ Software Link: https://github.com/mybb/mybb/releases/tag/mybb1829 Version: MyBB 1.8.29 Tested on: Linux CVE : CVE-2022-24734 An RCE can be obtained on MyBB's Admin CP in...

7.2CVSS0.2AI score0.77677EPSS
Exploits9
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.298 views

MyBB 1.8.29 Remote Code Execution

Exploit Title: MyBB 1.8.29 - Remote Code Execution RCE Authenticated Date: 2022-05-08 Exploit Author: Altelus Vendor Homepage: https://mybb.com/ Software Link: https://github.com/mybb/mybb/releases/tag/mybb1829 Version: MyBB 1.8.29 Tested on: Linux CVE : CVE-2022-24734 An RCE can be obtained on...

7.2CVSS7AI score0.77677EPSS
Exploits9
Exploit DB
Exploit DB
added 2022/05/11 12:0 a.m.279 views

MyBB 1.8.29 - MyBB 1.8.29 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: MyBB 1.8.29 - Remote Code Execution RCE Authenticated Date: 2022-05-08 Exploit Author: Altelus Vendor Homepage: https://mybb.com/ Software Link: https://github.com/mybb/mybb/releases/tag/mybb1829 Version: MyBB 1.8.29 Tested on: Linux CVE : CVE-2022-24734 An RCE can be obtained on...

7.2CVSS6.9AI score0.77677EPSS
Exploits9
OpenVAS
OpenVAS
added 2022/03/11 12:0 a.m.16 views

MyBB 1.2.0 - 1.8.29 RCE Vulnerability (GHSA-876v-gwgh-w57f)

MyBB is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mybb:mybb";...

7.2CVSS7.3AI score0.77677EPSS
Exploits9References1
CNVD
CNVD
added 2022/03/11 12:0 a.m.72 views

MyBB Remote Code Execution Vulnerability (CNVD-2022-20097)

MyBB is a free and web-based forum software developed by MyBB team using PHP and MySQL. The software is characterized by its simplicity, multi-language support and extensibility. A remote code execution vulnerability exists in MyBB, which can be exploited to cause a Remote Code Execution RCE...

7.2CVSS7.4AI score0.77677EPSS
Exploits9References1
NVD
NVD
added 2022/03/09 10:15 p.m.13 views

CVE-2022-24734

MyBB is a free and open source forum software. In affected versions the Admin CP's Settings management module does not validate setting types correctly on insertion and update, making it possible to add settings of supported type php with PHP code, executed on on Change Settings pages. This resul...

7.2CVSS0.77677EPSS
Exploits9References6
Prion
Prion
added 2022/03/09 10:15 p.m.24 views

Design/Logic Flaw

MyBB is a free and open source forum software. In affected versions the Admin CP's Settings management module does not validate setting types correctly on insertion and update, making it possible to add settings of supported type php with PHP code, executed on on Change Settings pages. This resul...

6.5CVSS7.2AI score0.77677EPSS
Exploits9References6Affected Software1
Cvelist
Cvelist
added 2022/03/09 9:25 p.m.52 views

CVE-2022-24734 Remote code execution in mybb

MyBB is a free and open source forum software. In affected versions the Admin CP's Settings management module does not validate setting types correctly on insertion and update, making it possible to add settings of supported type php with PHP code, executed on on Change Settings pages. This resul...

7.2CVSS7.5AI score0.77677EPSS
Exploits9References6
Vulnrichment
Vulnrichment
added 2022/03/09 9:25 p.m.7 views

CVE-2022-24734 Remote code execution in mybb

MyBB is a free and open source forum software. In affected versions the Admin CP's Settings management module does not validate setting types correctly on insertion and update, making it possible to add settings of supported type php with PHP code, executed on on Change Settings pages. This resul...

7.2CVSS7.3AI score0.77677EPSS
Exploits9References6
Rows per page
Query Builder