Mybb@1.6.7 Security Vulnerabilities and Issues — Mybb@1.6.7 CVE List

Lucene search

MybbMybb1.6.7

4 matches found

CVE•added 2014/03/03 4:55 p.m.•41 views

CVE-2014-1840

Cross-site scripting (XSS) vulnerability in Upload/search.php in MyBB 1.6.12 and earlier allows remote attackers to inject arbitrary web script or HTML via the keywords parameter in a do_search action, which is not properly handled in a forced SQL error message.

4.3CVSS6.3AI score0.00225EPSS

CVE•added 2014/08/14 6:47 p.m.•35 views

CVE-2014-5248

Cross-site scripting (XSS) vulnerability in MyBB before 1.6.15 allows remote attackers to inject arbitrary web script or HTML via vectors related to video MyCode.

4.3CVSS5.8AI score0.00263EPSS

CVE•added 2014/01/10 4:47 p.m.•32 views

CVE-2013-7288

Cross-site scripting (XSS) vulnerability in the mycode_parse_video function in inc/class_parser.php in MyBB (aka MyBulletinBoard) before 1.6.12 allows remote attackers to inject arbitrary web script or HTML via vectors related to Yahoo video URLs.

4.3CVSS5.8AI score0.00357EPSS

CVE•added 2014/01/08 3:29 p.m.•31 views

CVE-2013-7275

Cross-site scripting (XSS) vulnerability in misc.php in MyBB (aka MyBulletinBoard) before 1.6.12 allows remote attackers to inject arbitrary web script or HTML via the editor parameter in a smilie list popup.

4.3CVSS5.8AI score0.0032EPSS