Page 3 of 13 results (0.009 seconds)

CVSS: 4.3EPSS: 1%CPEs: 12EXPL: 0

Cross-site scripting (XSS) vulnerability in printthread.php in MyBB 1.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a thread message, which is not properly sanitized in the print view of the thread. • http://secunia.com/advisories/18281 http://securityreason.com/securityalert/310 http://www.osvdb.org/21601 http://www.securityfocus.com/archive/1/420569/100/0/threaded http://www.securityfocus.com/bid/16096 http://www.vupen.com/english/advisories/2006/0012 •

CVSS: 10.0EPSS: 0%CPEs: 13EXPL: 0

Multiple unspecified vulnerabilities in MyBulletinBoard (MyBB) before 1.0 have unknown impact and attack vectors, a different set of vulnerabilities than those identified by CVE-2005-4199. • http://community.mybboard.net/showthread.php?tid=5184&pid=30964#pid30964 http://secunia.com/advisories/18000 http://www.securityfocus.com/bid/15793 http://www.vupen.com/english/advisories/2005/2842 •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3

SQL injection vulnerability in usercp.php in MyBulletinBoard (MyBB) allows remote attackers to execute arbitrary SQL commands via the awayday parameter. • https://www.exploit-db.com/exploits/26396 http://community.mybboard.net/showthread.php?tid=4507&pid=27223#pid27223 http://www.osvdb.org/20700 http://www.securityfocus.com/archive/1/414672 http://www.securityfocus.com/bid/15204 •