3 matches found
CVE-2011-5133
Unspecified vulnerability in MyBB before 1.6.5 has unknown impact and attack vectors, related to an "unparsed user avatar in the buddy list."...
CVE-2011-5132
Cross-site scripting XSS vulnerability in MyBB before 1.6.5 allows remote attackers to inject arbitrary web script or HTML via vectors related to "usernames via AJAX."...
MyBB 1.6.5 Cross Site Scripting
Exploit Title: 0-day MyBB 1.6.5 XSS Vulnerability Date: 25/12/2011 - 18:30 Author: Cyber White Hats Nafsh Site: Cyberwh.org Mail: [email protected] Software Website: http://www.mybb.com/ Tested On: BackTrack 5 - Win7 Ultimate - Xp Platform: Php $ Dorks: inurl:"tags.php" intext:"MyBB 1.6.5" Vulnerabl...