CVE-2018-15596 – MyBB 1.8.17 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2018-15596
An issue was discovered in inc/class_feedgeneration.php in MyBB 1.8.17. On the forum RSS Syndication page, one can generate a URL such as http://localhost/syndication.php?fid=&type=atom1.0&limit=15. The thread titles (within title elements of the generated XML documents) aren't sanitized, leading to XSS. Se ha descubierto un problema en inc/class_feedgeneration.php en MyBB 1.8.17. • https://www.exploit-db.com/exploits/45393 https://blog.mybb.com/2018/08/22/mybb-1-8-18-released-security-maintenance-release • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-14392 – MyBB New Threads Plugin 1.1 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2018-14392
The New Threads plugin before 1.2 for MyBB has XSS. El plugin New Threads en versiones anteriores a la 1.2 para MyBB tiene Cross-Site Scripting (XSS). MyBB New Threads plugin version 1.1 suffers from a cross site scripting vulnerability. • https://www.exploit-db.com/exploits/45057 https://community.mybb.com/mods.php?action=changelog&pid=1143 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-1000503
https://notcve.org/view.php?id=CVE-2018-1000503
MyBB Group MyBB contains a Incorrect Access Control vulnerability in Private forums that can result in Users can view posts from private forums without having the password. This attack appear to be exploitable via Subscribe to a forum through IDOR. This vulnerability appears to have been fixed in 1.8.15. MyBB Group MyBB contiene una vulnerabilidad de control de acceso incorrecto en los foros privados que puede resultar en que los usuarios puedan ver foros privados sin tener la contraseña. Este ataque parece ser explotable mediante una suscripción a un foro mediante IDOR. • http://www.batterystapl.es/2018/03/local-file-inclusion-and-reading.html https://blog.mybb.com/2018/03/15/mybb-1-8-15-released-security-maintenance-release • CWE-269: Improper Privilege Management •
CVE-2018-1000502
https://notcve.org/view.php?id=CVE-2018-1000502
MyBB Group MyBB contains a File Inclusion vulnerability in Admin panel (Tools and Maintenance -> Task Manager -> Add New Task) that can result in Allows Local File Inclusion on modern PHP versions and Remote File Inclusion on ancient PHP versions. This attack appear to be exploitable via Must have access to admin panel. This vulnerability appears to have been fixed in 1.8.15. MyBB Group MyBB contiene una vulnerabilidad de inclusión de archivos en el panel de administrador (Tools and Maintenance -> Task Manager -> Add New Task) que puede resultar en que se permita la inclusión de archivos locales en versiones modernas de PHP y la inclusión de archivos remota en versiones antiguas de PHP. Para explotar este ataque, el atacante debe tener acceso al panel de administración. • http://www.batterystapl.es/2018/03/local-file-inclusion-and-reading.html https://blog.mybb.com/2018/03/15/mybb-1-8-15-released-security-maintenance-release • CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVE-2018-10678
https://notcve.org/view.php?id=CVE-2018-10678
MyBB 1.8.15, when accessed with Microsoft Edge, mishandles 'target="_blank" rel="noopener"' in A elements, which makes it easier for remote attackers to conduct redirection attacks. MyBB 1.8.15, cuando se accede a él mediante Microsoft Edge, gestiona de manera incorrecta 'target="_blank" rel="noopener"' en elementos A, lo que facilita que atacantes remotos lleven a cabo ataques de redirección. • https://github.com/hbranco/CVE-2018-10678 http://www.securityfocus.com/bid/104187 https://gist.github.com/MayurUdiniya/7aaa50b878d82b6aab6ed0b3e2b080bc • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •