Lucene search
K

4 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

MyBB 1.4.10 'myps.php' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37464/info MyBB is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

7.1AI score
Exploits0
CVE
CVE
added 2010/04/27 3:0 p.m.49 views

CVE-2009-4813

CVE-2009-4813 describes a cross-site scripting (XSS) vulnerability in MyBB (MyBulletinBoard) version 1.4.10, specifically in the script file myps.php. The issue arises when processing the donate action where the username parameter is not properly sanitized, allowing a remote attacker to inject ar...

4.3CVSS5.8AI score0.01452EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2009/12/29 8:41 p.m.11 views

Design/Logic Flaw

inc/functionstime.php in MyBB aka MyBulletinBoard 1.4.10, and possibly earlier versions, allows remote attackers to cause a denial of service CPU consumption via a crafted request with a large year value, which triggers a long loop, as reachable through member.php and possibly other vectors...

5CVSS7.1AI score0.01707EPSS
Exploits1References7Affected Software1
Positive Technologies
Positive Technologies
added 2009/12/29 12:0 a.m.5 views

PT-2009-6570 · Mybb · Mybb

Name of the Vulnerable Software and Affected Versions: MyBB versions 1.4.10 and earlier Description: The issue allows remote authenticated users to determine the existence of files via directory traversal sequences in the avatar and possibly the gallery parameters when changing the user avatar fr...

6.5CVSS6.3AI score0.02698EPSS
Exploits1References14
Rows per page
Query Builder