21 matches found
CVE-2021-27947
SQL Injection vulnerability in MyBB before 1.8.26 via the Copy Forum feature in Forum Management. issue 2 of 3...
EUVD-2019-13214
Malware in sbrugna...
EUVD-2020-7229
Malware in sbrugna...
EUVD-2018-3560
Malware in sbrugna...
EUVD-2011-5246
Malware in sbrugna...
EUVD-2016-10215
Malware in sbrugna...
CVE-2011-10018
myBB version 1.6.4 was distributed with an unauthorized backdoor embedded in the source code. The backdoor allowed remote attackers to execute arbitrary PHP code by injecting payloads into a specially crafted collapsed cookie. This vulnerability was introduced during packaging and was not part of...
PT-2025-33087 · Mybb · Mybb
Name of the Vulnerable Software and Affected Versions: myBB version 1.6.4 Description: myBB version 1.6.4 was distributed with an unauthorized backdoor embedded in the source code. This backdoor allowed remote attackers to execute arbitrary PHP code by injecting payloads into a specially crafted...
CVE-2014-9241
Multiple cross-site scripting XSS vulnerabilities in MyBB aka MyBulletinBoard 1.8.x before 1.8.2 allow remote attackers to inject arbitrary web script or HTML via the 1 type parameter to report.php, 2 signature parameter in a doeditsig action to usercp.php, or 3 title parameter in the...
CVE-2012-2324
Multiple SQL injection vulnerabilities in MyBB aka MyBulletinBoard before 1.6.7 allow remote administrators to execute arbitrary SQL commands via unspecified vectors in the 1 user search or 2 Mail Log in the Admin Control Panel ACP...
CVE-2025-29457
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Import a Theme function. NOTE: the Supplier disputes this because of the allowed actions of Board administrators and because of SSRF mitigation...
PT-2023-12939 · Mybb · External Redirect Warning Plugin
Name of the Vulnerable Software and Affected Versions: External Redirect Warning Plugin version 1.3 for MyBB Description: The issue concerns a problem where the redirect URL, also known as external.php?url=, is susceptible to XSS. This means an attacker could potentially inject malicious scripts...
PT-2022-27013 · Mybb · Mybb
Name of the Vulnerable Software and Affected Versions: MyBB version 1.8.31 Description: The issue allows remote attackers to inject HTML via user input or stored data due to a Cross-site scripting XSS vulnerability in the visual MyCode editor SCEditor. Recommendations: For MyBB version 1.8.31, as...
PT-2019-16627 · Mybb · Mybb
Name of the Vulnerable Software and Affected Versions: MyBB version 1.8.19 Description: The issue allows remote attackers to obtain sensitive information. This occurs because the software discloses the username when it receives a password-reset request that lacks the code parameter...
PT-2019-16626 · Mybb · Mybb
Name of the Vulnerable Software and Affected Versions: MyBB version 1.8.19 Description: The issue is related to a problem in the resetpassword function, which has XSS. Recommendations: For MyBB version 1.8.19, update to a newer version that contains a fix for this issue...
MyBB < 1.6.15 XSS
Binary data 9120.prm...
MyBB Version Detection
Binary data 9126.prm...
MyBB < 1.2.12 private.php options[disablesmilies] Parameter SQL Injection
Binary data 4353.prm...
MyBB 1.2.11 Multiple XSRF Vulnerabilities
Founded: 18, January 2008 Founder: nbbn MyBB Version: 1.2.11 and lower Type: Multiple XSRF Vulnerabilities 1 Delete Threads XSRF Vulnerabilitie: html head /head body onLoad="javascript:document.formular.submit" form action="http://localhost/xampp/mybb/moderation.php" method="post" name="formular"...
MyBB 1.1.7 - Multiple HTML Injection Vulnerabilities
MyBB 1.1.7 - Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/19718/info MyBB is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and...