CVE-2026-24836

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Starting in version 9.0.0 and prior to versions 9.13.10 and 10.2.0, extensions could write richtext in log notes which can include scripts that would run in the PersonaBar when displayed...

GHSA-2G5G-HCGH-Q3RP DotNetNuke.Core Vulnerable to Stored XSS in Scheduler LogNotes

Extensions could write richtext in log notes which can include scripts that would run in the PersonaBar when displayed...

CVE-2026-24836

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Starting in version 9.0.0 and prior to versions 9.13.10 and 10.2.0, extensions could write richtext in log notes which can include scripts that would run in the PersonaBar when displayed...

CVE-2026-24836

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Starting in version 9.0.0 and prior to versions 9.13.10 and 10.2.0, extensions could write richtext in log notes which can include scripts that would run in the PersonaBar when displayed...

CVE-2026-24836 DotNetNuke.Core Vulnerable to Stored XSS in Scheduler LogNotes

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Starting in version 9.0.0 and prior to versions 9.13.10 and 10.2.0, extensions could write richtext in log notes which can include scripts that would run in the PersonaBar when displayed...

EUVD-2026-4863

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Starting in version 9.0.0 and prior to versions 9.13.10 and 10.2.0, extensions could write richtext in log notes which can include scripts that would run in the PersonaBar when displayed...

CVE-2026-24836 DotNetNuke.Core Vulnerable to Stored XSS in Scheduler LogNotes

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Starting in version 9.0.0 and prior to versions 9.13.10 and 10.2.0, extensions could write richtext in log notes which can include scripts that would run in the PersonaBar when displayed...

CVE-2026-24836

The CVE-2026-24836 issue affects DotNetNuke (DNN) core: versions 9.0.0 through <9.13.10 and

PT-2026-5041

Name of the Vulnerable Software and Affected Versions DNN formerly DotNetNuke versions 9.0.0 through 9.13.9 DNN formerly DotNetNuke versions 10.0.0 through 10.1.9 Description DNN formerly DotNetNuke is an open-source web content management platform. Extensions could write rich text in log notes,...

EUVD-2018-3461

Malware in sbrugna...

EUVD-2018-3531

Malware in sbrugna...

CVE-2018-11502

The CVE-2018-11502 issue affects the MyBB Moderator Log Notes plugin (version 1.1) for MyBB. The vulnerability is a CSRF flaw that lets an attacker remotely delete all moderator notes and moderator-note logs stored in modCP and ACP. Root cause is cross-site request forgery in the plugin’s note ma...

MyBB Moderator Log Notes 1.1 Cross Site Request Forgery

Exploit Title: MyBB Moderator Log Notes Plugin 1.1 - Cross-Site Request Forgery Date: 2018-05-17 Author: 0xB9 Twitter: @0xB9Sec Software Link: https://community.mybb.com/mods.php?action=view&pid=1105 Version: 1.1 Tested on: Ubuntu 18.04 1. Description: The plugin allows moderators to save notes a...

MyBB Moderator Log Notes Plugin Cross-Site Scripting Vulnerability

MyBB aka MyBulletinBoard is MyBB team developed a set of PHP and MySQL development of free and Web-based forum software . Moderator Log Notes plugin is used in which a management log records plugin . A cross-site scripting vulnerability exists in version 1.1 of the MyBB Moderator Log Notes plugin...

CVE-2018-11430

An issue was discovered in the Moderator Log Notes plugin 1.1 for MyBB. It allows moderators to save notes and display them in a list in the modCP. The XSS is located in the mod notes textarea...

Design/Logic Flaw

An issue was discovered in the Moderator Log Notes plugin 1.1 for MyBB. It allows moderators to save notes and display them in a list in the modCP. The XSS is located in the mod notes textarea...

CVE-2018-11430

The CVE-2018-11430 entry involves the MyBB Moderator Log Notes plugin (version 1.1) for MyBB. A cross-site scripting (XSS) vulnerability exists in the mod notes textarea used by moderators in the Moderator Control Panel, allowing arbitrary script injection when notes are saved/displayed. Connecte...

CVE-2018-11430

An issue was discovered in the Moderator Log Notes plugin 1.1 for MyBB. It allows moderators to save notes and display them in a list in the modCP. The XSS is located in the mod notes textarea...

MyBB Moderator Log Notes Plugin 1.1 - Cross-Site Scripting

MyBB Moderator Log Notes Plugin 1.1 - Cross-Site Scripting Exploit Title: MyBB Moderator Log Notes Plugin 1.1 - Cross-Site Scripting Date: 2018-05-17 Author: 0xB9 Software Link: https://community.mybb.com/mods.php?action=view&pid=1105 Version: 1.1 Tested on: Ubuntu 18.04 CVE: N/A 1. Description:...

MyBB Moderator Log Notes Plugin 1.1 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: MyBB Moderator Log Notes Plugin 1.1 - Cross-Site Scripting Author: 0xB9 Software Link: https://community.mybb.com/mods.php?action=view&pid=1105 Version: 1.1 Tested on: Ubuntu 18.04 CVE: N/A 1. Description: The plugin allows...