3 matches found
MyBB 1.8.25 SQL Injection
Exploit Title: MyBB 1.8.25 - Poll Vote Count SQL Injection Exploit Author: SivertPL [email protected] Date: 20.03.2021 Description: Lack of sanitization in the "votes" parameter in "Edit Poll" causes a second-order semi-blind SQL Injection that is triggered when performing a "Move/Copy"...
CVE-2021-27279
MyBB before 1.8.25 allows stored XSS via nested email tags with MyCode aka BBCode...
CVE-2021-27279
MyBB before 1.8.25 allows stored XSS via nested email tags with MyCode aka BBCode...