Mybulletinboard

Mybulletinboard

60 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2005-3777

  • EPSS 0.38%
  • Published 23.11.2005 01:03:00
  • Last modified 03.04.2025 01:03:51

MyBulletinBoard (MyBB) 1.0 PR2 Rev 686 allows remote attackers to delete or move private messages (PM) via modified fields in the inbox form.

4.3

CVE-2005-3776

  • EPSS 0.3%
  • Published 23.11.2005 01:03:00
  • Last modified 03.04.2025 01:03:51

Multiple cross-site scripting (XSS) vulnerabilities in MyBulletinBoard (MyBB) 1.0 PR2 Rev 686 allow remote attackers to inject arbitrary web script or HTML via (1) the subject field when creating a new thread and (2) information passed to the Reputat...

7.5

CVE-2005-3326

Exploit
  • EPSS 0.56%
  • Published 27.10.2005 10:02:00
  • Last modified 03.04.2025 01:03:51

SQL injection vulnerability in usercp.php in MyBulletinBoard (MyBB) allows remote attackers to execute arbitrary SQL commands via the awayday parameter.

7.5

CVE-2005-2778

Exploit
  • EPSS 0.81%
  • Published 02.09.2005 23:03:00
  • Last modified 03.04.2025 01:03:51

SQL injection vulnerability in member.php in MyBulletinBoard (MyBB) allows remote attackers to execute arbitrary SQL statements via the fid parameter.

7.5

CVE-2005-2697

  • EPSS 1.26%
  • Published 26.08.2005 15:50:00
  • Last modified 03.04.2025 01:03:51

SQL injection vulnerability in search.php for MyBulletinBoard (MyBB) 1.00 Release Candidate 1 through 4 allows remote attackers to execute arbitrary SQL commands via the uid parameter. NOTE: this issue might overlap CVE-2005-0282.

7.5

CVE-2005-2580

  • EPSS 1.57%
  • Published 16.08.2005 04:00:00
  • Last modified 03.04.2025 01:03:51

Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4 with Security Patch allow remote attackers to execute arbitrary SQL commands via the Username field in (1) index.php or (2) member.php, action parameter to (3) search.php or (4...

4.3

CVE-2005-1811

Exploit
  • EPSS 0.41%
  • Published 01.06.2005 04:00:00
  • Last modified 03.04.2025 01:03:51

Cross-site scripting (XSS) vulnerability in usercp.php for MyBulletinBoard (MyBB) allows remote attackers to inject arbitrary web script or HTML via the website field in a user profile.

7.5

CVE-2005-1833

Exploit
  • EPSS 1.04%
  • Published 31.05.2005 04:00:00
  • Last modified 03.04.2025 01:03:51

Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4 allow remote attackers to execute arbitrary SQL commands via the (1) eid parameter to calendar.php, (2) idsql parameter to online.php, (3) usersearch parameter to memberlist.ph...

4.3

CVE-2005-1832

Exploit
  • EPSS 0.43%
  • Published 31.05.2005 04:00:00
  • Last modified 03.04.2025 01:03:51

Multiple cross-site scripting (XSS) vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4 and earlier allow remote attackers to execute arbitrary web script or HTML via the (1) forums, (2) version, or (3) limit parameter to misc.php, (4) page or (5) dat...

7.5

CVE-2005-0282

Exploit
  • EPSS 0.58%
  • Published 02.05.2005 04:00:00
  • Last modified 03.04.2025 01:03:51

SQL injection vulnerability in member.php in MyBulletinBoard (MyBB) allows remote attackers to execute arbitrary SQL commands via the uid parameter.