Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Add Mycode function. NOTE: the Supplier disputes this because of the allowed actions of Board administrators an
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Mail function. NOTE: the Supplier disputes this because of the allowed actions of Board administrators and beca
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Import a Theme function. NOTE: the Supplier disputes this because of the allowed actions of Board administrator
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Change Avatar function. NOTE: the Supplier disputes this because of the allowed actions of Board administrators
A stored cross-site scripting (XSS) vulnerability in the component install\index.php of MyBB v1.8.38 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the W
CVE-2011-10018
CRITICAL CVSS 10.0
Find Similar
myBB version 1.6.4 was distributed with an unauthorized backdoor embedded in the source code. The backdoor allowed remote attackers to execute arbitrary PHP code by injecting payloads into a specially
MyBB 1.8.32 contains a chained vulnerability that allows authenticated administrators to bypass avatar upload restrictions and execute arbitrary code. Attackers can modify upload path settings, upload
myBB Forums 1.8.26 contains a stored cross-site scripting vulnerability in the forum announcement system that allows authenticated administrators to inject malicious scripts when creating announcement
A vulnerability has been found in zhenfeng13 My-BBS 1.0 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be
myBB Forums 1.8.26 contains a stored cross-site scripting vulnerability in the forum management system that allows authenticated administrators to inject malicious scripts when creating new forums. At
A persistent cross-site scripting (XSS) vulnerability in NodeBB v3.11.0 allows remote attackers to store arbitrary code in the 'about me' section of their profile.
A vulnerability, which was classified as problematic, was found in atjiu pybbs up to 6.0.0. This affects the function adminlogin/login of the component Verification Code Handler. The manipulation lead
MyBB My Arcade Plugin 1.3 contains a persistent cross-site scripting vulnerability that allows authenticated users to inject malicious scripts through arcade game score comments. Attackers can add cra
myBB Forums 1.8.26 contains a stored cross-site scripting vulnerability in the template management system that allows authenticated administrators to inject malicious scripts when creating new templat
A vulnerability, which was classified as problematic, has been found in Intelbras RF 301K 1.1.5. This issue affects some unknown processing of the component Add Static IP. The manipulation of the argu
A vulnerability classified as problematic has been found in OpenTibiaBR MyAAC up to 0.8.16. Affected is an unknown function of the file system/pages/forum/new_post.php of the component Post Reply Hand
MyBB Downloads Plugin 2.0.3 contains a persistent cross-site scripting vulnerability that allows regular members to inject malicious scripts through the download title field. Attackers can submit a ne
An issue in ILIFE com.ilife.home.global 1.8.7 allows a remote attacker to obtain sensitive information via the firmware update process.
A vulnerability, which was classified as problematic, was found in SourceCodester Simple Forum Website 1.0. This affects an unknown part of the file /registration.php of the component Signup Page. The
A vulnerability was found in SourceCodester Gym Management System 1.0. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross-site request forgery. It
Page 1+ Next →