MyBB File Name Cross-Site Scripting Vulnerability

MyBB MyBulletinBoard is a free and web-based forum software developed by MYBB team using PHP and MySQL. The software is characterized by its simplicity, multi-language support and extensibility. A cross-site scripting vulnerability exists in MyBB before version 1.8.31, which stems from the lack o...

PT-2022-27013 · Mybb · Mybb

Name of the Vulnerable Software and Affected Versions: MyBB version 1.8.31 Description: The issue allows remote attackers to inject HTML via user input or stored data due to a Cross-site scripting XSS vulnerability in the visual MyCode editor SCEditor. Recommendations: For MyBB version 1.8.31, as...

PT-2022-27014 · Mybb · Mybb

Name of the Vulnerable Software and Affected Versions: MyBB version 1.8.31 Description: The issue allows attackers to inject HTML by persuading the user to upload a file with a specially crafted name, exploiting cross-site scripting XSS vulnerabilities in the post Attachments interface...

PT-2022-27015 · Mybb · Mybb

Name of the Vulnerable Software and Affected Versions: MyBB version 1.8.31 Description: The issue allows remote authenticated users to modify the query string via direct user input or stored search filter settings in the Admin CP's Users module, resulting in a SQL injection vulnerability...

Exploit for Off-by-one Error in Sudo_Project Sudo

CVE-2021-3156: Heap-Based Buffer Overflow in Sudo Baron Samed...

WordPress 跨站脚本漏洞

WordPress is a set of blogging platforms developed by the WordPress Foundation using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. WordPress My Tickets plugin in versions prior to 1.8.31 suffers from a cross-site scripting vulnerability...

Exploit for Off-by-one Error in Sudo_Project Sudo

CVE-2021-3156 Introduction This repository was created f...

Exploit for Off-by-one Error in Sudo_Project Sudo

PoC exploit for CVE-2021-3156, a vulnerability in the Linux kern...