Page 8 of 72 results (0.004 seconds)

CVSS: 6.1EPSS: 0%CPEs: 15EXPL: 0

CVE-2014-5248

https://notcve.org/view.php?id=CVE-2014-5248

14 Aug 2014 — Cross-site scripting (XSS) vulnerability in MyBB before 1.6.15 allows remote attackers to inject arbitrary web script or HTML via vectors related to video MyCode. Vulnerabilidad de XSS en MyBB anterior a 1.6.15 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a traves de vectores relacionados con video MyCode. • http://blog.mybb.com/2014/08/04/mybb-1-6-15-released-security-maintenance-release • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 13EXPL: 3

CVE-2014-1840 – MyBB 1.6.12 POST Cross Site Scripting

https://notcve.org/view.php?id=CVE-2014-1840

03 Feb 2014 — Cross-site scripting (XSS) vulnerability in Upload/search.php in MyBB 1.6.12 and earlier allows remote attackers to inject arbitrary web script or HTML via the keywords parameter in a do_search action, which is not properly handled in a forced SQL error message. Vulnerabilidad de XSS en Upload/search.php en MyBB 1.6.12 y anteriores permite a atacantes remotos inyectar script Web o HTML arbitrarios a través del parámetro keywords en una acción do_search, que no es manejado debidamente en un mensaje de error ... • https://packetstorm.news/files/id/125038 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •