Lucene search
K

4 matches found

0day.today
0day.today
added 2017/11/21 12:0 a.m.57 views

MyBB 1.8.13 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: XSS in MyBB up to 1.8.13 via installer Date: Found on 05-29-2017 Exploit Author: Pablo Sacristan Vendor Homepage: https://mybb.com/ Version: Version 1.8.13 Fixed in 1.8.13 CVE : CVE-2017-16781 No HTML escaping when returning an...

3.5CVSS5.8AI score0.01581EPSS
Exploits4
exploitpack
exploitpack
added 2017/11/11 12:0 a.m.16 views

MyBB 1.8.13 - Cross-Site Scripting

MyBB 1.8.13 - Cross-Site Scripting Exploit Title: XSS in MyBB up to 1.8.13 via installer Date: Found on 05-29-2017 Exploit Author: Pablo Sacristan Vendor Homepage: https://mybb.com/ Version: Version 1.8.13 Fixed in 1.8.13 CVE : CVE-2017-16781 No HTML escaping when returning an $error in...

3.5CVSS5.4AI score0.01581EPSS
Exploits4
Circl
Circl
added 2017/11/11 12:0 a.m.21 views

CVE-2017-16781

creationtimestamp| type| source ---|---|--- 2017-11-11 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/43137...

5.4CVSS6.8AI score0.01581EPSS
Exploits4References1
CVE
CVE
added 2017/11/10 11:0 p.m.58 views

CVE-2017-16781

MyBB before 1.8.13 is vulnerable to a cross-site scripting (XSS) flaw in the installer. The issue arises from missing HTML escaping of the $error variable in /install/index.php (POST path), enabling an attacker-controlled payload to execute in the victim’s browser. A PoC demonstrates injecting HT...

5.4CVSS5.4AI score0.01581EPSS
Exploits4References2Affected Software1
Rows per page
Query Builder