Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

34 matches found

RedhatCVE
RedhatCVEadded 2026/03/27 2:23 p.m.8 views

CVE-2021-27946

SQL Injection vulnerability in MyBB before 1.8.26 via poll vote count. issue 1 of 3...

8.8CVSS8.1AI score0.00122EPSS
Exploits5References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2018-3135

Malware in sbrugna...

6.5CVSS6.6AI score0.00197EPSS
Exploits1References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2012-5783

Malware in sbrugna...

7.5CVSS6.4AI score0.00926EPSS
Exploits1References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.0 views

EUVD-2016-10225

Malware in sbrugna...

7.5CVSS7.6AI score0.00919EPSS
Exploits0References6
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2014-3765

Malware in sbrugna...

5.4CVSS5.6AI score0.00187EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2025/05/22 5:56 a.m.3 views

CVE-2012-2327

MyBB aka MyBulletinBoard before 1.6.7 allows remote attackers to obtain sensitive information via a malformed forumread cookie, which reveals the installation path in an error message...

5CVSS6.5AI score0.00319EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 5:13 a.m.15 views

CVE-2019-3579

MyBB 1.8.19 allows remote attackers to obtain sensitive information because it discloses the username upon receiving a password-reset request that lacks the code parameter...

5.3CVSS6.7AI score0.00256EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/04/26 5:56 a.m.4 views

CVE-2025-29457

An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Import a Theme function. NOTE: the Supplier disputes this because of the allowed actions of Board administrators and because of SSRF mitigation...

7.6CVSS6.5AI score0.01291EPSS
Exploits1References1
CVE
CVEadded 2025/04/17 12:0 a.m.58 views

CVE-2025-29458

CVE-2025-29458 concerns MyBB 1.8.38. The vulnerability arises in the Change Avatar feature, which can allow a remote attacker to obtain sensitive information. Root cause: mishandling of Change Avatar functionality (per multiple sources); supplier disputes relate to administrator actions and SSRF ...

7.6CVSS7.3AI score0.01291EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichmentadded 2025/04/17 12:0 a.m.2 views

CVE-2025-29459

An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Mail function. NOTE: the Supplier disputes this because of the allowed actions of Board administrators and because of SSRF mitigation...

7.3AI score0.01281EPSS
Exploits1References2
CNVD
CNVDadded 2024/11/22 12:0 a.m.6 views

MyBB Cross-Site Scripting Vulnerability (CNVD-2024-46255)

MyBB is a free and open source forum software, written in PHP, supporting MySQL, MariaDB, PostgreSQL and SQLite databases. A cross-site scripting vulnerability exists in MyBB. The vulnerability is related to the component installindex.php, which does not adequately clean up the websitename...

5.4CVSS6.6AI score0.0101EPSS
Exploits1References1
Cvelist
Cvelistadded 2023/01/03 12:0 a.m.9 views

CVE-2022-45867

MyBB before 1.8.33 allows Directory Traversal. The Admin CP Languages module allows remote authenticated users, with high privileges, to achieve local file inclusion and execution...

7AI score0.00984EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2022/11/21 12:0 a.m.2 views

CVE-2022-43708

MyBB 1.8.31 has a issue 2 of 2 cross-site scripting XSS vulnerabilities in the post Attachments interface allow attackers to inject HTML by persuading the user to upload a file with specially crafted name...

6.1AI score0.00247EPSS
Exploits0References2
Cvelist
Cvelistadded 2022/11/21 12:0 a.m.10 views

CVE-2022-43708

MyBB 1.8.31 has a issue 2 of 2 cross-site scripting XSS vulnerabilities in the post Attachments interface allow attackers to inject HTML by persuading the user to upload a file with specially crafted name...

6.2AI score0.00247EPSS
Exploits0References2
Cvelist
Cvelistadded 2021/03/15 5:8 p.m.22 views

CVE-2021-27946

SQL Injection vulnerability in MyBB before 1.8.26 via poll vote count. issue 1 of 3...

9.4AI score0.00122EPSS
Exploits5References2
NVD
NVDadded 2020/01/02 3:15 p.m.10 views

CVE-2019-20225

MyBB before 1.8.22 allows an open redirect on login...

6.1CVSS6.3AI score0.00236EPSS
Exploits0References2
Prion
Prionadded 2019/06/06 7:29 p.m.11 views

Cross site scripting

MyBB 1.8.19 has XSS in the resetpassword function...

4.3CVSS6AI score0.00231EPSS
Exploits0References2Affected Software1
NVD
NVDadded 2019/06/06 7:29 p.m.9 views

CVE-2019-3578

MyBB 1.8.19 has XSS in the resetpassword function...

6.1CVSS6AI score0.00231EPSS
Exploits0References2
NVD
NVDadded 2019/06/06 7:29 p.m.11 views

CVE-2019-3579

MyBB 1.8.19 allows remote attackers to obtain sensitive information because it discloses the username upon receiving a password-reset request that lacks the code parameter...

5.3CVSS5.3AI score0.00256EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2017/05/02 12:0 a.m.20 views

MyBB < 1.8.11 Multiple Vulnerabilities

Binary data 700070.prm...

7.7CVSS6.2AI score0.0134EPSS
Exploits3References4
Rows per page
Query Builder