Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Patchstack
Patchstackadded 2025/12/25 5:1 p.m.3 views

WordPress Photo Gallery by 10Web plugin <= 1.8.38 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Tabulra in WordPress Plugin Photo Gallery by 10Web versions = 1.8.38...

5.9CVSS5.3AI score0.00042EPSS
Exploits0Affected Software1
OSV
OSVadded 2025/04/17 10:15 p.m.1 views

CVE-2025-29458

An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Change Avatar function. NOTE: the Supplier disputes this because of the allowed actions of Board administrators and because of SSRF mitigation...

7.6CVSS5.8AI score0.00983EPSS
Exploits1References2
CNNVD
CNNVDadded 2025/04/17 12:0 a.m.1 views

MyBB 安全漏洞

MyBB MyBulletinBoard is a free and web-based forum software developed by MYBB team using PHP and MySQL. The software is characterized by its simplicity, multi-language support and extensibility. A security vulnerability exists in MyBB version 1.8.38, which stems from mishandling of the email...

7.6CVSS6.7AI score0.00975EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2025/03/10 12:0 a.m.2 views

PT-2025-17242 · Mybb · Mybb

Name of the Vulnerable Software and Affected Versions: MyBB version 1.8.38 Description: The issue allows a remote attacker to obtain sensitive information via the Add Mycode function. Recommendations: For MyBB version 1.8.38, at the moment, there is no information about a newer version that...

8CVSS6AI score0.00946EPSS
Exploits0References10
Positive Technologies
Positive Technologiesadded 2025/03/09 12:0 a.m.2 views

PT-2025-17241 · Mybb · Mybb

Name of the Vulnerable Software and Affected Versions: MyBB version 1.8.38 Description: An issue in MyBB allows a remote attacker to obtain sensitive information via the Mail function. Recommendations: For MyBB version 1.8.38, consider disabling the Mail function as a temporary workaround until a...

8CVSS6.1AI score0.00975EPSS
Exploits1References12
OpenVAS
OpenVASadded 2024/12/05 12:0 a.m.13 views

MyBB <= 1.8.38 XSS Vulnerability

MyBB is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mybb:mybb";...

5.4CVSS6.3AI score0.0101EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2024/11/20 12:0 a.m.2 views

PT-2024-35415

Name of the Vulnerable Software and Affected Versions MyBB version 1.8.38 Description A stored cross-site scripting XSS issue exists in the component installindex.php, allowing attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website Name parameter. This...

5.4CVSS5.5AI score0.0101EPSS
Exploits1References7
Rows per page
Query Builder