NotCVE - vendor:"Mybb" product:"Mybb" version:" <= 1.2.12"

Page 4 of 106 results (0.007 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2021-27949

https://notcve.org/view.php?id=CVE-2021-27949

Cross-site Scripting vulnerability in MyBB before 1.8.26 via Custom moderator tools. Una vulnerabilidad de tipo Cross-site Scripting en MyBB versiones anteriores a 1.8.26, por medio de las herramientas de moderación Custom • https://github.com/mybb/mybb/security/advisories/GHSA-cmmr-39v8-8rx2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

CVE-2021-27948

https://notcve.org/view.php?id=CVE-2021-27948

SQL Injection vulnerability in MyBB before 1.8.26 via User Groups. (issue 3 of 3). Una vulnerabilidad de inyección SQL en MyBB versiones anteriores a 1.8.26 mediante User Groups. (número 3 de 3) • https://github.com/mybb/mybb/security/advisories/GHSA-3p9w-2q65-r6g2 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

CVE-2021-27947

https://notcve.org/view.php?id=CVE-2021-27947

SQL Injection vulnerability in MyBB before 1.8.26 via the Copy Forum feature in Forum Management. (issue 2 of 3). Una vulnerabilidad de inyección SQL en MyBB versiones anteriores a 1.8.26, por medio de la funcionalidad Copy Forum en Forum Management. (número 2 de 3) • https://github.com/mybb/mybb/security/advisories/GHSA-jjx8-8mcp-7h65 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 2

CVE-2021-27946 – MyBB 1.8.25 - Poll Vote Count SQL Injection

https://notcve.org/view.php?id=CVE-2021-27946

SQL Injection vulnerability in MyBB before 1.8.26 via poll vote count. (issue 1 of 3). Una vulnerabilidad de inyección SQL en MyBB, versiones anteriores a 1.8.26, mediante el recuento de votos de la encuesta. (número 1 de 3) MyBB version 1.8.25 suffers from a remote SQL injection vulnerability. • https://www.exploit-db.com/exploits/49699 http://packetstormsecurity.com/files/161918/MyBB-1.8.25-SQL-Injection.html https://github.com/mybb/mybb/security/advisories/GHSA-23m9-w75q-ph4p • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 2

CVE-2021-27890 – MyBB 1.8.25 - Chained Remote Command Execution

https://notcve.org/view.php?id=CVE-2021-27890

SQL Injection vulnerablity in MyBB before 1.8.26 via theme properties included in theme XML files. Una vulnerabilidad de inyección SQL en MyBB versiones anteriores a 1.8.26, mediante las propiedades del tema incluyendo en los archivos XML del tema • https://www.exploit-db.com/exploits/49696 http://packetstormsecurity.com/files/161908/MyBB-1.8.25-Remote-Command-Execution.html https://blog.sonarsource.com/mybb-remote-code-execution-chain https://github.com/mybb/mybb/security/advisories/GHSA-r34m-ccm8-mfhq • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

1 2 3 4 5