Show filters
6 Total Results
Displaying 1-6 of 6
Sort by:
Attacker Value
Unknown

CVE-2014-5248

Disclosure Date: August 14, 2014 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in MyBB before 1.6.15 allows remote attackers to inject arbitrary web script or HTML via vectors related to video MyCode.
0
Attacker Value
Unknown

CVE-2014-1840

Disclosure Date: March 03, 2014 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in Upload/search.php in MyBB 1.6.12 and earlier allows remote attackers to inject arbitrary web script or HTML via the keywords parameter in a do_search action, which is not properly handled in a forced SQL error message.
0
Attacker Value
Unknown

CVE-2013-7288

Disclosure Date: January 10, 2014 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in the mycode_parse_video function in inc/class_parser.php in MyBB (aka MyBulletinBoard) before 1.6.12 allows remote attackers to inject arbitrary web script or HTML via vectors related to Yahoo video URLs.
0
Attacker Value
Unknown

CVE-2013-7275

Disclosure Date: January 08, 2014 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in misc.php in MyBB (aka MyBulletinBoard) before 1.6.12 allows remote attackers to inject arbitrary web script or HTML via the editor parameter in a smilie list popup.
0
Attacker Value
Unknown

CVE-2012-5909

Disclosure Date: November 17, 2012 (last updated October 05, 2023)
SQL injection vulnerability in admin/modules/user/users.php in MyBB (aka MyBulletinBoard) 1.6.6 allows remote attackers to execute arbitrary SQL commands via the conditions[usergroup][] parameter in a search action to admin/index.php.
0
Attacker Value
Unknown

CVE-2012-5908

Disclosure Date: November 17, 2012 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in admin/modules/user/users.php in MyBB (aka MyBulletinBoard) 1.6.6 allows remote attackers to inject arbitrary web script or HTML via the conditions[usergroup][] parameter in a search action to admin/index.php.
0