Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2131 matches found

Cvelist
Cvelistadded 2026/01/23 4:47 p.m.24 views

CVE-2018-25116 MyBB Thread Redirect Plugin 0.2.1 - Cross-Site Scripting

MyBB Thread Redirect Plugin 0.2.1 contains a cross-site scripting vulnerability in the custom text input field for thread redirects. Attackers can inject malicious SVG scripts that will execute when other users view the thread, allowing arbitrary script execution...

6.1CVSS0.00014EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2026/01/23 4:47 p.m.3 views

CVE-2018-25116 MyBB Thread Redirect Plugin 0.2.1 - Cross-Site Scripting

MyBB Thread Redirect Plugin 0.2.1 contains a cross-site scripting vulnerability in the custom text input field for thread redirects. Attackers can inject malicious SVG scripts that will execute when other users view the thread, allowing arbitrary script execution...

6.1CVSS5.3AI score0.00014EPSS
Exploits1References3
ATTACKERKB
ATTACKERKBadded 2026/01/23 4:47 p.m.3 views

CVE-2018-25116

MyBB Thread Redirect Plugin 0.2.1 contains a cross-site scripting vulnerability in the custom text input field for thread redirects. Attackers can inject malicious SVG scripts that will execute when other users view the thread, allowing arbitrary script execution...

6.1CVSS5.9AI score0.00014EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologiesadded 2026/01/23 12:0 a.m.3 views

PT-2026-4501

MyBB Thread Redirect Plugin 0.2.1 contains a cross-site scripting vulnerability in the custom text input field for thread redirects. Attackers can inject malicious SVG scripts that will execute when other users view the thread, allowing arbitrary script execution...

6.1CVSS5.3AI score0.00014EPSS
Exploits1References4
CNNVD
CNNVDadded 2026/01/23 12:0 a.m.1 views

MyBB_Plugin-Delete_Account security vulnerability

MyBBPlugin-DeleteAccount is a MyBB plugin developed by Vintagedaddyo. Version 1.4 of MyBBPlugin-DeleteAccount contains a security vulnerability. This vulnerability stems from the input field used for specifying the reason for account deletion, which has a cross-site scripting vulnerability,...

6.1CVSS5.6AI score0.00044EPSS
Exploits1References3
RedhatCVE
RedhatCVEadded 2026/01/09 12:23 p.m.6 views

CVE-2018-14575

Trash Bin plugin 1.1.3 for MyBB has cross-site scripting XSS via a thread subject and a cross-site request forgery CSRF via a post subject...

8.8CVSS6.3AI score0.02931EPSS
Exploits5References1
RedhatCVE
RedhatCVEadded 2026/01/09 11:29 a.m.3 views

CVE-2021-27947

SQL Injection vulnerability in MyBB before 1.8.26 via the Copy Forum feature in Forum Management. issue 2 of 3...

7.2CVSS8.2AI score0.00274EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/09 11:25 a.m.4 views

CVE-2021-28115

The OUGC Feedback plugin before 1.8.23 for MyBB allows XSS via the comment field of feedback during an edit operation...

6.1CVSS5.9AI score0.0024EPSS
Exploits4References1
RedhatCVE
RedhatCVEadded 2026/01/09 9:43 a.m.4 views

CVE-2006-1974

SQL injection vulnerability in index.php in MyBB MyBulletinBoard before 1.04 allows remote attackers to execute arbitrary SQL commands via the referrer parameter...

7.5CVSS8.8AI score0.00453EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/09 8:46 a.m.4 views

CVE-2025-23749

Cross-Site Request Forgery CSRF vulnerability in progpars.net mybb Last Topics mybb-last-topics allows Stored XSS.This issue affects mybb Last Topics: from n/a through = 1.0...

7.1CVSS7.2AI score0.00151EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/07 9:29 a.m.2 views

CVE-2019-12363

An CSRF issue was discovered in the JN-Jones MyBB-2FA plugin through 2014-11-05 for MyBB. An attacker can forge a request to an installed mybb2fa plugin to control its state via usercp.php?action=mybb2fa=deactivate or usercp.php?action=mybb2fa=activate. A deactivate operation lowers the security ...

8.8CVSS7AI score0.00083EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/07 9:27 a.m.4 views

CVE-2019-12830

In MyBB before 1.8.21, an attacker can exploit a parsing flaw in the Private Message / Post renderer that leads to video BBCode persistent XSS to take over any forum account, aka a nested video MyCode issue...

8.7CVSS6AI score0.00348EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/12/23 11:29 p.m.5 views

CVE-2023-53978

myBB Forums 1.8.26 contains a stored cross-site scripting vulnerability in the forum announcement system that allows authenticated administrators to inject malicious scripts when creating announcements. Attackers can exploit this vulnerability by inserting script payloads in the announcement titl...

5.4CVSS6.1AI score0.00025EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/12/23 11:29 p.m.3 views

CVE-2023-53977

myBB Forums 1.8.26 contains a stored cross-site scripting vulnerability in the forum management system that allows authenticated administrators to inject malicious scripts when creating new forums. Attackers can exploit this vulnerability by inserting script payloads in the forum title field when...

5.4CVSS6.1AI score0.00025EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/12/23 11:29 p.m.2 views

CVE-2023-53976

myBB Forums 1.8.26 contains a stored cross-site scripting vulnerability in the template management system that allows authenticated administrators to inject malicious scripts when creating new templates. Attackers can exploit this vulnerability by inserting script payloads in the template title...

5.4CVSS6.1AI score0.0003EPSS
Exploits1References1
EUVD
EUVDadded 2025/12/23 12:30 a.m.1 views

EUVD-2023-60239

myBB Forums 1.8.26 contains a stored cross-site scripting vulnerability in the forum management system that allows authenticated administrators to inject malicious scripts when creating new forums. Attackers can exploit this vulnerability by inserting script payloads in the forum title field when...

6.4CVSS5.7AI score0.00025EPSS
Exploits1References4
OSV
OSVadded 2025/12/22 10:16 p.m.1 views

CVE-2023-53978

myBB Forums 1.8.26 contains a stored cross-site scripting vulnerability in the forum announcement system that allows authenticated administrators to inject malicious scripts when creating announcements. Attackers can exploit this vulnerability by inserting script payloads in the announcement titl...

5.4CVSS5.9AI score
Exploits0References3
NVD
NVDadded 2025/12/22 10:16 p.m.3 views

CVE-2023-53977

myBB Forums 1.8.26 contains a stored cross-site scripting vulnerability in the forum management system that allows authenticated administrators to inject malicious scripts when creating new forums. Attackers can exploit this vulnerability by inserting script payloads in the forum title field when...

5.4CVSS0.00025EPSS
Exploits1References3
NVD
NVDadded 2025/12/22 10:16 p.m.1 views

CVE-2023-53978

myBB Forums 1.8.26 contains a stored cross-site scripting vulnerability in the forum announcement system that allows authenticated administrators to inject malicious scripts when creating announcements. Attackers can exploit this vulnerability by inserting script payloads in the announcement titl...

5.4CVSS0.00025EPSS
Exploits1References3
OSV
OSVadded 2025/12/22 10:16 p.m.2 views

CVE-2023-53976

myBB Forums 1.8.26 contains a stored cross-site scripting vulnerability in the template management system that allows authenticated administrators to inject malicious scripts when creating new templates. Attackers can exploit this vulnerability by inserting script payloads in the template title...

5.4CVSS5.8AI score0.00281EPSS
Exploits1References4
Rows per page
Query Builder