25 matches found
EUVD-2016-10222
Malware in sbrugna...
EUVD-2016-10217
Malware in sbrugna...
EUVD-2016-10226
Malware in sbrugna...
CVE-2016-9408
Cross-site scripting XSS vulnerability in the Mod control panel in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to inject arbitrary web script or HTML via vectors involving editing users...
CVE-2016-9411
The Admin control panel in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to obtain the installation path via vectors involving sending mails...
CVE-2016-9402
SQL injection vulnerability in the moderation tool in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2016-9407
Cross-site scripting XSS vulnerability in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to inject arbitrary web script or HTML via vectors involving Mod control panel logs...
CVE-2016-9420
MyBB aka MyBulletinBoard before 1.8.8 and MyBB Merge System before 1.8.8 allow remote attackers to have unspecified impact via vectors related to "loose comparison false positives."...
CVE-2016-9406
Cross-site scripting XSS vulnerability in the User control panel in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Design/Logic Flaw
MyBB aka MyBulletinBoard before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allow remote attackers to obtain the installation path via vectors involving error log files...
Cross site scripting
Cross-site scripting XSS vulnerability in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to inject arbitrary web script or HTML via vectors related to login...
Server side request forgery (ssrf)
The fetchremotefile function in MyBB aka MyBulletinBoard before 1.8.8 and MyBB Merge System before 1.8.8 allows remote attackers to conduct server-side request forgery SSRF attacks via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in the Admin control panel in MyBB aka MyBulletinBoard before 1.8.8 and MyBB Merge System before 1.8.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-8973
xmlhttp.php in MyBB aka MyBulletinBoard before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allows remote attackers to bypass intended access restrictions via vectors related to the forum password...
CVE-2015-8977
CVE-2015-8977 affects MyBB (MyBulletinBoard) versions prior to 1.6.18 and 1.8.x prior to 1.8.6, plus the MyBB Merge System before 1.8.6. The issue allows remote attackers to disclose the installation path via vectors involving error log files, resulting in information disclosure. Root cause, as s...
CVE-2016-9406
CVE-2016-9406 is an XSS vulnerability in the MyBB User Control Panel (and MyBB Merge System) before version 1.8.7, allowing remote attackers to inject arbitrary web script or HTML via unspecified vectors. The NVD entry lists impact as user-level confidentiality and integrity issues with low avail...
CVE-2016-9403
newreply.php in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to have unspecified impact by leveraging a missing permission check...
CVE-2016-9417
The fetchremotefile function in MyBB aka MyBulletinBoard before 1.8.8 and MyBB Merge System before 1.8.8 allows remote attackers to conduct server-side request forgery SSRF attacks via unspecified vectors...
CVE-2016-9415
CVE-2016-9415 affects MyBB (MyBulletinBoard) on Windows prior to version 1.8.8 and MyBB Merge System on Windows prior to 1.8.8. The issue allows remote attackers to overwrite arbitrary CSS files via vectors related to “style import.” The root cause is not detailed here beyond the style import mec...
CVE-2016-9403
The CVE-2016-9403 issue affects MyBB (MyBulletinBoard) releases prior to 1.8.7 and the MyBB Merge System prior to 1.8.7. The root cause is a missing permission check in newreply.php, allowing remote attackers to impact the system in an unspecified way. The vulnerability is described with a high/c...