Page 4 of 126 results (0.009 seconds)

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1

Cross Site Scripting (XSS) in MyBB v1.8.20 allows remote attackers to inject arbitrary web script or HTML via the "Description" field found in the "Add New Forum" page by doing an authenticated POST HTTP request to '/Upload/admin/index.php?module=forum-management&action=add'. Una vulnerabilidad de tipo Cross Site Scripting (XSS) en MyBB versión v1.8.20, permite a atacantes remotos inyectar script web o HTML arbitrario por medio del campo "Description" que se encuentra en la página "Add New Forum" haciendo una petición HTTP POST autenticada a "/Upload/admin/index.php?module=forum-management&action=add" • https://github.com/joelister/bug/issues/2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1

Cross Site Scripting (XSS) in MyBB v1.8.20 allows remote attackers to inject arbitrary web script or HTML via the "Title" field found in the "Add New Forum" page by doing an authenticated POST HTTP request to '/Upload/admin/index.php?module=forum-management&action=add'. Una vulnerabilidad de tipo Cross Site Scripting (XSS) en MyBB versión v1.8.20, permite a atacantes remotos inyectar script web o HTML arbitrario por medio del campo "Title" que se encuentra en la página "Add New Forum" haciendo una petición HTTP POST autenticada a "/Upload/admin/index.php?module=forum-management&action=add" • https://github.com/joelister/bug/issues/1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

Cross-site Scripting vulnerability in MyBB before 1.8.26 via Custom moderator tools. Una vulnerabilidad de tipo Cross-site Scripting en MyBB versiones anteriores a 1.8.26, por medio de las herramientas de moderación Custom • https://github.com/mybb/mybb/security/advisories/GHSA-cmmr-39v8-8rx2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

SQL Injection vulnerability in MyBB before 1.8.26 via User Groups. (issue 3 of 3). Una vulnerabilidad de inyección SQL en MyBB versiones anteriores a 1.8.26 mediante User Groups. (número 3 de 3) • https://github.com/mybb/mybb/security/advisories/GHSA-3p9w-2q65-r6g2 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

SQL Injection vulnerability in MyBB before 1.8.26 via the Copy Forum feature in Forum Management. (issue 2 of 3). Una vulnerabilidad de inyección SQL en MyBB versiones anteriores a 1.8.26, por medio de la funcionalidad Copy Forum en Forum Management. (número 2 de 3) • https://github.com/mybb/mybb/security/advisories/GHSA-jjx8-8mcp-7h65 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •