6 matches found
CVE-2018-25248 MyBB Downloads Plugin 2.0.3 Persistent XSS via downloads.php
MyBB Downloads Plugin 2.0.3 contains a persistent cross-site scripting vulnerability that allows regular members to inject malicious scripts through the download title field. Attackers can submit a new download with HTML/JavaScript code in the title parameter, which executes when administrators...
CVE-2018-25248 MyBB Downloads Plugin 2.0.3 Persistent XSS via downloads.php
MyBB Downloads Plugin 2.0.3 contains a persistent cross-site scripting vulnerability that allows regular members to inject malicious scripts through the download title field. Attackers can submit a new download with HTML/JavaScript code in the title parameter, which executes when administrators...
CVE-2018-25248
The CVE-2018-25248 entry concerns the MyBB Downloads Plugin 2.0.3, which is affected by a persistent cross-site scripting (XSS) vulnerability in the download title field. The issue allows regular members to submit a new download containing HTML/JavaScript code in the title parameter, which is exe...
PT-2026-30368
MyBB Downloads Plugin 2.0.3 contains a persistent cross-site scripting vulnerability that allows regular members to inject malicious scripts through the download title field. Attackers can submit a new download with HTML/JavaScript code in the title parameter, which executes when administrators...
MyBB(MyBulletinBoard) 跨站脚本漏洞
MyBB is a free, web-based forum software developed by the MyBB team using PHP and MySQL. This software features simplicity in use, support for multiple languages, and scalability. Version 2.0.3 of MyBB contains a cross-site scripting vulnerability. This vulnerability stems from improper cleaning ...
PT-2025-12768 · WordPress · Easy Digital Downloads
Name of the Vulnerable Software and Affected Versions: Easy Digital Downloads – eCommerce Payments and Subscriptions plugin for WordPress versions up to, and including, 3.3.6.1 Description: The issue allows unauthenticated attackers to extract private post titles of downloads via the edd ajax get...