Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

30 matches found

RedhatCVE
RedhatCVEadded 2025/11/11 10:44 p.m.1 views

CVE-2025-64519

TorrentPier is an open source BitTorrent Public/Private tracker engine, written in php. In versions up to and including 2.8.8, an authenticated SQL injection vulnerability exists in the moderator control panel modcp.php. Users with moderator permissions can exploit this vulnerability by supplying...

8.8CVSS7.7AI score0.00042EPSS
Exploits1References1
NVD
NVDadded 2025/11/10 11:15 p.m.1 views

CVE-2025-64519

TorrentPier is an open source BitTorrent Public/Private tracker engine, written in php. In versions up to and including 2.8.8, an authenticated SQL injection vulnerability exists in the moderator control panel modcp.php. Users with moderator permissions can exploit this vulnerability by supplying...

8.8CVSS0.00042EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2018-10910

Malware in sbrugna...

6.1CVSS6.3AI score0.00272EPSS
Exploits0References3
CNVD
CNVDadded 2019/04/01 12:0 a.m.7 views

MyBB Cross-Site Scripting Vulnerability (CNVD-2021-25714)

MyBB MyBulletinBoard is the MyBB team developed a set of PHP and MySQL development of free and Web-based forum software. The software is easy to use , support for multiple languages , scalable and so on.ModCP Profile Editor is used in one of the ModCP configuration editor . The ModCP Profile Edit...

6.1CVSS6.3AI score0.00272EPSS
Exploits0References1
NVD
NVDadded 2019/03/29 7:29 p.m.9 views

CVE-2018-19201

A reflected XSS vulnerability in the ModCP Profile Editor in MyBB before 1.8.20 allows remote attackers to inject JavaScript via the 'username' parameter...

6.1CVSS6AI score0.00272EPSS
Exploits0References2
CVE
CVEadded 2019/03/29 6:58 p.m.43 views

CVE-2018-19201

CVE-2018-19201: A reflected XSS in MyBB’s ModCP Profile Editor affects versions before 1.8.20. An attacker can inject JavaScript via the username parameter (remote, network-based). Impact is client-side script execution as described; mitigation is to upgrade to MyBB 1.8.20 (security maintenance r...

6.1CVSS5.9AI score0.00272EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2019/03/29 6:58 p.m.13 views

CVE-2018-19201

A reflected XSS vulnerability in the ModCP Profile Editor in MyBB before 1.8.20 allows remote attackers to inject JavaScript via the 'username' parameter...

6AI score0.00272EPSS
Exploits0References2
FreeBSD
FreeBSDadded 2019/02/27 12:0 a.m.15 views

mybb -- vulnerabilities

mybb Team reports: Medium risk: Reset Password reflected XSS Medium risk: ModCP Profile Editor username reflected XSS Low risk: Predictable CSRF token for guest users Low risk: ACP Stylesheet Properties XSS Low risk: Reset Password username enumeration via email...

3.3AI score
Exploits0References1
Exploit DB
Exploit DBadded 2019/01/07 12:0 a.m.85 views

MyBB OUGC Awards Plugin 1.8.3 - Persistent Cross-Site Scripting

Exploit Title: MyBB OUGC Awards Plugin v1.8.3 - Cross-Site Scripting Date: 12/31/2018 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=396 Version: 1.8.3 Tested on: Ubuntu 18.04 CVE: CVE-2019-3501 1. Description: OUGC Awards...

4.8CVSS5.1AI score0.00227EPSS
Exploits5
0day.today
0day.todayadded 2019/01/07 12:0 a.m.38 views

MyBB OUGC Awards Plugin 1.8.3 - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: MyBB OUGC Awards Plugin v1.8.3 - Cross-Site Scripting Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=396 Version: 1.8.3 Tested on: Ubuntu 18.04 CVE:...

3.5CVSS0.00227EPSS
Exploits5
exploitpack
exploitpackadded 2019/01/07 12:0 a.m.23 views

MyBB OUGC Awards Plugin 1.8.3 - Persistent Cross-Site Scripting

MyBB OUGC Awards Plugin 1.8.3 - Persistent Cross-Site Scripting Exploit Title: MyBB OUGC Awards Plugin v1.8.3 - Cross-Site Scripting Date: 12/31/2018 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=396 Version: 1.8.3 Tested on...

3.5CVSS5AI score0.00227EPSS
Exploits5
CVE
CVEadded 2018/08/24 9:0 p.m.39 views

CVE-2018-11502

The CVE-2018-11502 issue affects the MyBB Moderator Log Notes plugin (version 1.1) for MyBB. The vulnerability is a CSRF flaw that lets an attacker remotely delete all moderator notes and moderator-note logs stored in modCP and ACP. Root cause is cross-site request forgery in the plugin’s note ma...

6.5CVSS6.4AI score0.0021EPSS
Exploits1References2Affected Software1
NVD
NVDadded 2018/05/28 4:29 p.m.10 views

CVE-2018-11430

An issue was discovered in the Moderator Log Notes plugin 1.1 for MyBB. It allows moderators to save notes and display them in a list in the modCP. The XSS is located in the mod notes textarea...

5.4CVSS5.3AI score0.00181EPSS
Exploits1References1
Prion
Prionadded 2018/05/28 4:29 p.m.9 views

Design/Logic Flaw

An issue was discovered in the Moderator Log Notes plugin 1.1 for MyBB. It allows moderators to save notes and display them in a list in the modCP. The XSS is located in the mod notes textarea...

3.5CVSS5.2AI score0.00181EPSS
Exploits1References1Affected Software1
exploitpack
exploitpackadded 2018/05/25 12:0 a.m.29 views

MyBB Moderator Log Notes Plugin 1.1 - Cross-Site Scripting

MyBB Moderator Log Notes Plugin 1.1 - Cross-Site Scripting Exploit Title: MyBB Moderator Log Notes Plugin 1.1 - Cross-Site Scripting Date: 2018-05-17 Author: 0xB9 Software Link: https://community.mybb.com/mods.php?action=view&pid=1105 Version: 1.1 Tested on: Ubuntu 18.04 CVE: N/A 1. Description:...

6.7AI score
Exploits0
0day.today
0day.todayadded 2018/05/25 12:0 a.m.38 views

MyBB Moderator Log Notes Plugin 1.1 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: MyBB Moderator Log Notes Plugin 1.1 - Cross-Site Scripting Author: 0xB9 Software Link: https://community.mybb.com/mods.php?action=view&pid=1105 Version: 1.1 Tested on: Ubuntu 18.04 CVE: N/A 1. Description: The plugin allows...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2018/05/25 12:0 a.m.44 views

MyBB Moderator Log Notes Plugin 1.1 - Cross-Site Scripting

Exploit Title: MyBB Moderator Log Notes Plugin 1.1 - Cross-Site Scripting Date: 2018-05-17 Author: 0xB9 Software Link: https://community.mybb.com/mods.php?action=view&pid=1105 Version: 1.1 Tested on: Ubuntu 18.04 CVE: N/A 1. Description: The plugin allows moderators to save notes and display them...

7.4AI score
Exploits0
Packet Storm
Packet Stormadded 2018/05/25 12:0 a.m.40 views

MyBB Moderator Log Notes 1.1 Cross Site Scripting

Exploit Title: MyBB Moderator Log Notes Plugin 1.1 - Cross-Site Scripting Date: 2018-05-17 Author: 0xB9 Software Link: https://community.mybb.com/mods.php?action=view&pid=1105 Version: 1.1 Tested on: Ubuntu 18.04 CVE: N/A 1. Description: The plugin allows moderators to save notes and display them...

7.4AI score
Exploits0
Prion
Prionadded 2017/05/11 5:29 p.m.11 views

Cross site scripting

Invision Power Services IPS Community Suite 4.1.19.2 and earlier has stored XSS in the Announcements, allowing privilege escalation from an Invision Power Board moderator to an admin. An attack uses the announcecontent parameter in an index.php?/modcp/announcements/&action=create request. This is...

7.5CVSS9.1AI score0.00559EPSS
Exploits1References3Affected Software1
NVD
NVDadded 2017/05/11 5:29 p.m.6 views

CVE-2017-8898

Invision Power Services IPS Community Suite 4.1.19.2 and earlier has stored XSS in the Announcements, allowing privilege escalation from an Invision Power Board moderator to an admin. An attack uses the announcecontent parameter in an index.php?/modcp/announcements/&action=create request. This is...

9.8CVSS9.3AI score0.00559EPSS
Exploits1References3
Rows per page
Query Builder