Vendor Dictionary: MyBB Group

MyBB Group

Short Name:	[None Entered]
Previous Names:	[None Entered]
URL:	[None Entered]
Email:	[None Entered]
Security URL:	[None Entered]
Security Email:	[None Entered]
Knowledge Base:	[None Entered]
Notes:	[No Notes]
Full Details...

Vulnerabilities by Vendor Product

MyBB Group

MyBB Group

MyBB: 1.0 PR2; OSVDB ID: 20700 MyBulletinBoard (MyBB) usercp.php awayday Parameter SQL Injection; RC4; OSVDB ID: 20700 MyBulletinBoard (MyBB) usercp.php awayday Parameter SQL Injection; 1.0.2; OSVDB ID: 22628 MyBulletinBoard (MyBB) Allow HTML in Signatures Script Insertion; OSVDB ID: 22750 MyBulletinBoard (MyBB) search.php Multiple Parameter XSS; OSVDB ID: 22736 MyBulletinBoard (MyBB) search.php SQL Error Message Table Prefix Disclosure; 1.02; OSVDB ID: 22903 MyBulletinBoard (MyBB) global.php templatelist Parameter SQL Injection; 1.0.4; OSVDB ID: 23264 MyBulletinBoard (MyBB) calendar.php Advanced Details Link XSS; OSVDB ID: 23935 MyBulletinBoard (MyBB) member.php Multiple Parameter XSS; 1.0.3; OSVDB ID: 23935 MyBulletinBoard (MyBB) member.php Multiple Parameter XSS; 1.1.0; OSVDB ID: 24711 MyBulletinBoard (MyBB) inc/init.php Variable Overwrite; OSVDB ID: 24710 MyBulletinBoard (MyBB) global.php Variable Overwrite; 1.1.1; OSVDB ID: 24711 MyBulletinBoard (MyBB) inc/init.php Variable Overwrite; OSVDB ID: 24710 MyBulletinBoard (MyBB) global.php Variable Overwrite; 1.1.4; OSVDB ID: 26810 MyBulletinBoard (MyBB) Unspecified User Group Manipulation; 1.1.7; OSVDB ID: 28310 MyBulletinBoard (MyBB) Crafted url BBCode Tag XSS; OSVDB ID: 28311 MyBulletinBoard (MyBB) admin/index.php XSS; 1.4.11; OSVDB ID: 63841 MyBB Password Reset Email BCC Header Injection; OSVDB ID: 63839 MyBB Password Reset mt_rand() Token Generation Weakness; OSVDB ID: 63840 MyBB usercp2.php CSRF; OSVDB ID: 70275 MyBB Moderated Group Join Request Guest Access Remote DoS; OSVDB ID: 70276 MyBB member.php SQL COUNT Function Call User Table scan Remote DoS; OSVDB ID: 70277 MyBB Portal Page Latest Threads Block Remote Information Disclosure; OSVDB ID: 70278 MyBB Post Editing [img] MyCodes Quantity Restriction Bypass; 1.6; OSVDB ID: 70013 MyBB search.php keywords Parameter SQL Injection; OSVDB ID: 70014 MyBB private.php keywords Parameter SQL Injection; OSVDB ID: 69980 MyBB newreply.php posthash Parameter XSS; OSVDB ID: 69979 MyBB member.php url Parameter XSS; 1.6; OSVDB ID: 70279 MyBB editpost.php Unspecified Parameter XSS; 1.6; OSVDB ID: 71314 MyBB forumdisplay.php mybb[forumread] Cookie Malformed Input Path Disclosure; 1.6.2; OSVDB ID: 71874 MyBB showthread.php mybb[forumread] Cookie SQL Injection; OSVDB ID: 71875 MyBB Malformed Search Query SQL Error Message Information Disclosure; 1.4.15; OSVDB ID: 71874 MyBB showthread.php mybb[forumread] Cookie SQL Injection; OSVDB ID: 71875 MyBB Malformed Search Query SQL Error Message Information Disclosure; 1.6.2; 1.4.15

DevBB: 1.0.0; OSVDB ID: 24994 DevBB member.php member Parameter XSS

MyBulletinBoard: PR2 Rev.686; OSVDB ID: 21600 MyBulletinBoard (MyBB) calendar.php Multiple Variable POST Method SQL Injection; OSVDB ID: 22158 MyBulletinBoard (MyBB) ratethread.php rating Variable POST Method SQL Injection; OSVDB ID: 22157 MyBulletinBoard (MyBB) member.php rating Variable POST Method SQL Injection; 1.03; OSVDB ID: 22957 MyBulletinBoard (MyBB) moderation.php posts Parameter SQL Injection; 1.0 PR2 Rev.686; OSVDB ID: 21601 MyBulletinBoard (MyBB) printthread.php Message XSS; OSVDB ID: 24380 MyBulletinBoard (MyBB) Multiple Unspecified Issues; OSVDB ID: 22156 MyBulletinBoard (MyBB) usercp.php Multiple Variable POST Method SQL Injection; OSVDB ID: 22159 MyBulletinBoard (MyBB) function_upload.php SQL Injection; 1.0 PR2; OSVDB ID: 21601 MyBulletinBoard (MyBB) printthread.php Message XSS; OSVDB ID: 24380 MyBulletinBoard (MyBB) Multiple Unspecified Issues; OSVDB ID: 22156 MyBulletinBoard (MyBB) usercp.php Multiple Variable POST Method SQL Injection; OSVDB ID: 22159 MyBulletinBoard (MyBB) function_upload.php SQL Injection; 1.0; OSVDB ID: 21601 MyBulletinBoard (MyBB) printthread.php Message XSS; OSVDB ID: 24380 MyBulletinBoard (MyBB) Multiple Unspecified Issues; OSVDB ID: 22156 MyBulletinBoard (MyBB) usercp.php Multiple Variable POST Method SQL Injection; OSVDB ID: 22159 MyBulletinBoard (MyBB) function_upload.php SQL Injection; 1.0.1; OSVDB ID: 21601 MyBulletinBoard (MyBB) printthread.php Message XSS; OSVDB ID: 24380 MyBulletinBoard (MyBB) Multiple Unspecified Issues; OSVDB ID: 22156 MyBulletinBoard (MyBB) usercp.php Multiple Variable POST Method SQL Injection; OSVDB ID: 22159 MyBulletinBoard (MyBB) function_upload.php SQL Injection

MyBulletinBoard (MyBB): 1.00 RC4; OSVDB ID: 17008 MyBulletinBoard (MyBB) misc.php Multiple Parameter XSS; OSVDB ID: 17009 MyBulletinBoard (MyBB) forumdisplay.php Multiple Parameter XSS; OSVDB ID: 17010 MyBulletinBoard (MyBB) member.php Multiple Parameter XSS; OSVDB ID: 17011 MyBulletinBoard (MyBB) memberlist.php Multiple Parameter XSS; OSVDB ID: 17012 MyBulletinBoard (MyBB) showthread.php Multiple Parameter XSS; OSVDB ID: 17013 MyBulletinBoard (MyBB) printthread.php tid Parameter XSS; OSVDB ID: 17015 MyBulletinBoard (MyBB) online.php pidsql Parameter SQL Injection; OSVDB ID: 17016 MyBulletinBoard (MyBB) memberlist.php usersearch Parameter SQL Injection; OSVDB ID: 17017 MyBulletinBoard (MyBB) editpost.php pid Parameter SQL Injection; OSVDB ID: 17018 MyBulletinBoard (MyBB) forumdisplay.php fid Parameter SQL Injection; OSVDB ID: 17019 MyBulletinBoard (MyBB) newreply.php tid Parameter SQL Injection; OSVDB ID: 17020 MyBulletinBoard (MyBB) search.php sid Parameter SQL Injection; OSVDB ID: 17021 MyBulletinBoard (MyBB) showthread.php Multiple Parameter SQL Injection; OSVDB ID: 17022 MyBulletinBoard (MyBB) usercp2.php tid Parameter SQL Injection; OSVDB ID: 17023 MyBulletinBoard (MyBB) printthread.php tid Parameter SQL Injection; OSVDB ID: 17024 MyBulletinBoard (MyBB) reputation.php pid Parameter SQL Injection; OSVDB ID: 17025 MyBulletinBoard (MyBB) portal.php username Parameter SQL Injection; OSVDB ID: 17026 MyBulletinBoard (MyBB) polls.php tid Parameter SQL Injection; OSVDB ID: 17027 MyBulletinBoard (MyBB) ratethread.php tid Parameter SQL Injection; OSVDB ID: 17014 MyBulletinBoard (MyBB) calendar.php eid Parameter SQL Injection; 1.0 RC4; OSVDB ID: 19030 MyBulletinBoard (MyBB) index.php Username Parameter SQL Injection; OSVDB ID: 19032 MyBulletinBoard (MyBB) polls.php polloptions Parameter SQL Injection; OSVDB ID: 19033 MyBulletinBoard (MyBB) search.php action Parameter SQL Injection; OSVDB ID: 19031 MyBulletinBoard (MyBB) member.php Multiple Parameter SQL Injection; 1.1.1; OSVDB ID: 25074 MyBulletinBoard (MyBB) admin/adminfunctions.php querystring Parameter SQL Injection; OSVDB ID: 25075 MyBulletinBoard (MyBB) admin/templates.php Multiple Parameter SQL Injection; OSVDB ID: 25674 MyBulletinBoard (MyBB) showthread.php comma Parameter SQL Injection; 1.0; 1.02; OSVDB ID: 22737 MyBulletinBoard (MyBB) usercp.php Multiple Variable POST Method XSS; Unknown or Unspecified; OSVDB ID: 12822 MyBulletinBoard (MyBB) calendar.php Add Event Function XSS; Unknown or Unspecified; OSVDB ID: 69926 MyBulletinBoard (MyBB) calendar.php Subject Field Arbitrary Java Code DoS

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.