MyBB Group

Short Name: [None Entered]
Previous Names: [None Entered]
URL: [None Entered]
Email: [None Entered]
Security URL: [None Entered]
Security Email: [None Entered]
Knowledge Base: [None Entered]
Notes: [No Notes]

Vulnerabilities by Vendor Product

MyBB Group

MyBB Group
MyBB Watch-list
1.0 PR2
OSVDB ID: 20700 MyBulletinBoard (MyBB) usercp.php awayday Parameter SQL Injection
RC4
OSVDB ID: 20700 MyBulletinBoard (MyBB) usercp.php awayday Parameter SQL Injection
1.0.2
OSVDB ID: 22628 MyBulletinBoard (MyBB) Allow HTML in Signatures Script Insertion
OSVDB ID: 22736 MyBulletinBoard (MyBB) search.php SQL Error Message Table Prefix Disclosure
OSVDB ID: 23937 MyBulletinBoard (MyBB) search.php keywords Parameter Reflected XSS
OSVDB ID: 22750 MyBulletinBoard (MyBB) search.php Multiple Parameter Reflected XSS
1.02
OSVDB ID: 22903 MyBulletinBoard (MyBB) global.php templatelist Parameter SQL Injection
1.0.4
OSVDB ID: 23264 MyBulletinBoard (MyBB) calendar.php Advanced Details Link XSS
OSVDB ID: 23935 MyBulletinBoard (MyBB) member.php Multiple Parameter XSS
1.0.3
OSVDB ID: 23935 MyBulletinBoard (MyBB) member.php Multiple Parameter XSS
OSVDB ID: 22750 MyBulletinBoard (MyBB) search.php Multiple Parameter Reflected XSS
1.10
OSVDB ID: 24375 MyBulletinBoard (MyBB) Multiple BBcode Tag XSS
1.1.0
OSVDB ID: 24711 MyBulletinBoard (MyBB) inc/init.php Variable Overwrite
OSVDB ID: 24710 MyBulletinBoard (MyBB) global.php Variable Overwrite
1.1.1
OSVDB ID: 24711 MyBulletinBoard (MyBB) inc/init.php Variable Overwrite
OSVDB ID: 24710 MyBulletinBoard (MyBB) global.php Variable Overwrite
1.1.4
OSVDB ID: 26810 MyBulletinBoard (MyBB) Unspecified User Group Manipulation
1.1.7
OSVDB ID: 28310 MyBulletinBoard (MyBB) Crafted url BBCode Tag XSS
OSVDB ID: 28311 MyBulletinBoard (MyBB) admin/index.php XSS
1.4.11
OSVDB ID: 63840 MyBB usercp2.php CSRF
OSVDB ID: 70275 MyBB Moderated Group Join Request Guest Access Remote DoS
OSVDB ID: 70276 MyBB member.php SQL COUNT Function Call User Table scan Remote DoS
OSVDB ID: 70277 MyBB Portal Page Latest Threads Block Remote Information Disclosure
OSVDB ID: 70278 MyBB Post Editing [img] MyCodes Quantity Restriction Bypass
OSVDB ID: 63839 MyBB Password Reset mt_rand() Token Generation Weakness
OSVDB ID: 63841 MyBB Password Reset Email BCC Header Injection
1.6
OSVDB ID: 69980 MyBB newreply.php posthash Parameter XSS
OSVDB ID: 69979 MyBB member.php url Parameter XSS
OSVDB ID: 70014 MyBB private.php keywords Parameter SQL Injection
OSVDB ID: 70013 MyBB search.php keywords Parameter SQL Injection
1.6
OSVDB ID: 70279 MyBB editpost.php Unspecified Parameter XSS
1.6
OSVDB ID: 71314 MyBB forumdisplay.php mybb[forumread] Cookie Malformed Input Path Disclosure
1.6.2
OSVDB ID: 71874 MyBB showthread.php mybb[forumread] Cookie SQL Injection
OSVDB ID: 71875 MyBB Malformed Search Query SQL Error Message Information Disclosure
1.4.15
OSVDB ID: 71874 MyBB showthread.php mybb[forumread] Cookie SQL Injection
OSVDB ID: 71875 MyBB Malformed Search Query SQL Error Message Information Disclosure
1.6.2
1.4.15
1.6.6
OSVDB ID: 80633 MyBB index.php conditions[usergroup][] Parameter XSS
OSVDB ID: 80634 MyBB index.php conditions[usergroup][] Parameter SQL Injection
1.6.6
OSVDB ID: 81776 MyBB Admin Control Panel (ACP) User Search SQL Injection
1.6.6
OSVDB ID: 81777 MyBB Admin Control Panel (ACP) Mail Log SQL Injection
1.6.6
OSVDB ID: 81778 MyBB Admin Control Panel (ACP) User Inline Moderation SQL Injection
1.6.6
OSVDB ID: 81779 MyBB Admin Control Panel (ACP) Orphaned Attachment Filename XSS
1.6.6
OSVDB ID: 81780 MyBB Forumread Cookie Malformed Input Path Disclosure
1.6.8
OSVDB ID: 82810 MyBB member.php uid Parameter SQL Injection
OSVDB ID: 88485 MyBB editpost.php posthash Parameter SQL Injection
1.6.5
OSVDB ID: 79132 MyBB Akismet Plugin Unspecified XSS
OSVDB ID: 79133 MyBB User Control Panel Forum Subscriptions Unspecified XSS
OSVDB ID: 79134 MyBB Moderator Control Panel Moderator Logs Unspecified XSS
OSVDB ID: 79135 MyBB Edit Post Unspecified XSS
OSVDB ID: 79136 MyBB Moderator Control Panel Announcement Editing Unspecified XSS
OSVDB ID: 79131 MyBB Calendar Event Moving Unspecified XSS
OSVDB ID: 79130 MyBB Multiple Function CSRF
1.6.8
OSVDB ID: 88484 MyBB CAPTCHA System Unspecified Brute Force Weakness
1.6.8
1.6.9
OSVDB ID: 92683 MyBB Database Optimization Unspecified SQL Injection
OSVDB ID: 92686 MyBB View Only Own Threads Flag Permission Verification Information Disclosure
1.6.9
OSVDB ID: 92684 MyBB Database Backup Creation Unspecified SQL Injection
1.6.9
OSVDB ID: 92685 MyBB Theme Name XSS
1.6.9
1.6.09
OSVDB ID: 92687 MyBB Debug Page Unspecified XSS
1.6.09
OSVDB ID: 92688 MyBB modcp.php Unspecified Input Validation Issue
1.6.09
OSVDB ID: 92689 MyBB calendar.php Unspecified Input Validation Issue
1.6.10
OSVDB ID: 98073 MyBB member.php url Parameter Arbitrary Site Redirect
OSVDB ID: 98317 MyBB Log File Database Backup Information Disclosure
OSVDB ID: 98318 MyBB Anonymous Statistics User Information Disclosure
OSVDB ID: 98319 MyBB generate_post_check() Function Unspecified Issue
OSVDB ID: 98315 MyBB Missing Login Key Unspecified Account Hijacking
OSVDB ID: 98316 MyBB UTF8 Username Handling Private Message Authorization Bypass
1.6.10
1.6.10
1.6.10
1.6.10
1.6.10
1.6.11
OSVDB ID: 101542 MyBB admin/modules/config/smilies.php Smilies Mass Editing SQL Injection
OSVDB ID: 101543 MyBB inc/plugins/akismet.php akismet_admin Function Post Deletion SQL Injection
OSVDB ID: 101545 MyBB misc.php Smilies Popup List Handling XSS
OSVDB ID: 101545 MyBB misc.php Smilies Popup List Handling XSS
OSVDB ID: 101544 MyBB inc/class_parser.php mycode_parse_video Function Yahoo Video URL Handling XSS
1.6.12
OSVDB ID: 101542 MyBB admin/modules/config/smilies.php Smilies Mass Editing SQL Injection
OSVDB ID: 101543 MyBB inc/plugins/akismet.php akismet_admin Function Post Deletion SQL Injection
OSVDB ID: 101545 MyBB misc.php Smilies Popup List Handling XSS
OSVDB ID: 101545 MyBB misc.php Smilies Popup List Handling XSS
OSVDB ID: 101544 MyBB inc/class_parser.php mycode_parse_video Function Yahoo Video URL Handling XSS
1.6.11
1.6.12
1.6.11
1.6.12
1.6.11
1.6.12
1.2.13
OSVDB ID: 47152 MyBulletinBoard (MyBB) search.php Unspecified Parameter XSS
1.2.14
OSVDB ID: 47152 MyBulletinBoard (MyBB) search.php Unspecified Parameter XSS
1.6.12
OSVDB ID: 102937 MyBB search.php keywords Parameter Reflected XSS
Unspecified
OSVDB ID: 103331 MyBB misc.php Request Saturation Remote DoS
1.6.12
OSVDB ID: 103877 MyBB /search.php sid[0] Parameter SQL Injection
DevBB Watch-list
1.0.0
OSVDB ID: 24994 DevBB member.php member Parameter XSS
MyBulletinBoard Watch-list
PR2 Rev.686
OSVDB ID: 21600 MyBulletinBoard (MyBB) calendar.php Multiple Variable POST Method SQL Injection
OSVDB ID: 22158 MyBulletinBoard (MyBB) ratethread.php rating Variable POST Method SQL Injection
OSVDB ID: 22157 MyBulletinBoard (MyBB) member.php rating Variable POST Method SQL Injection
1.03
OSVDB ID: 22957 MyBulletinBoard (MyBB) moderation.php posts Parameter SQL Injection
1.0 PR2 Rev.686
OSVDB ID: 21601 MyBulletinBoard (MyBB) printthread.php Message XSS
OSVDB ID: 24380 MyBulletinBoard (MyBB) Multiple Unspecified Issues
OSVDB ID: 22156 MyBulletinBoard (MyBB) usercp.php Multiple Variable POST Method SQL Injection
OSVDB ID: 22159 MyBulletinBoard (MyBB) function_upload.php SQL Injection
1.0 PR2
OSVDB ID: 21601 MyBulletinBoard (MyBB) printthread.php Message XSS
OSVDB ID: 24380 MyBulletinBoard (MyBB) Multiple Unspecified Issues
OSVDB ID: 22156 MyBulletinBoard (MyBB) usercp.php Multiple Variable POST Method SQL Injection
OSVDB ID: 22159 MyBulletinBoard (MyBB) function_upload.php SQL Injection
1.0
OSVDB ID: 21601 MyBulletinBoard (MyBB) printthread.php Message XSS
OSVDB ID: 24380 MyBulletinBoard (MyBB) Multiple Unspecified Issues
OSVDB ID: 22156 MyBulletinBoard (MyBB) usercp.php Multiple Variable POST Method SQL Injection
OSVDB ID: 22159 MyBulletinBoard (MyBB) function_upload.php SQL Injection
1.0.1
OSVDB ID: 21601 MyBulletinBoard (MyBB) printthread.php Message XSS
OSVDB ID: 24380 MyBulletinBoard (MyBB) Multiple Unspecified Issues
OSVDB ID: 22156 MyBulletinBoard (MyBB) usercp.php Multiple Variable POST Method SQL Injection
OSVDB ID: 22159 MyBulletinBoard (MyBB) function_upload.php SQL Injection
1.1.3
OSVDB ID: 26807 MyBulletinBoard (MyBB) editpost.php CSRF
1.1.4
OSVDB ID: 26807 MyBulletinBoard (MyBB) editpost.php CSRF
OSVDB ID: 26811 MyBulletinBoard (MyBB) Unspecified SQL Injection
Profile Albums Plugin for MyBB Watch-list
0.9
OSVDB ID: 86498 Profile Albums Plugin for MyBB albums.php album Parameter SQL Injection
MyBulletinBoard (MyBB) Watch-list
1.00 RC4
OSVDB ID: 17008 MyBulletinBoard (MyBB) misc.php Multiple Parameter XSS
OSVDB ID: 17009 MyBulletinBoard (MyBB) forumdisplay.php Multiple Parameter XSS
OSVDB ID: 17010 MyBulletinBoard (MyBB) member.php Multiple Parameter XSS
OSVDB ID: 17011 MyBulletinBoard (MyBB) memberlist.php Multiple Parameter XSS
OSVDB ID: 17012 MyBulletinBoard (MyBB) showthread.php Multiple Parameter XSS
OSVDB ID: 17013 MyBulletinBoard (MyBB) printthread.php tid Parameter XSS
OSVDB ID: 17015 MyBulletinBoard (MyBB) online.php pidsql Parameter SQL Injection
OSVDB ID: 17016 MyBulletinBoard (MyBB) memberlist.php usersearch Parameter SQL Injection
OSVDB ID: 17017 MyBulletinBoard (MyBB) editpost.php pid Parameter SQL Injection
OSVDB ID: 17018 MyBulletinBoard (MyBB) forumdisplay.php fid Parameter SQL Injection
OSVDB ID: 17019 MyBulletinBoard (MyBB) newreply.php tid Parameter SQL Injection
OSVDB ID: 17020 MyBulletinBoard (MyBB) search.php sid Parameter SQL Injection
OSVDB ID: 17021 MyBulletinBoard (MyBB) showthread.php Multiple Parameter SQL Injection
OSVDB ID: 17022 MyBulletinBoard (MyBB) usercp2.php tid Parameter SQL Injection
OSVDB ID: 17023 MyBulletinBoard (MyBB) printthread.php tid Parameter SQL Injection
OSVDB ID: 17024 MyBulletinBoard (MyBB) reputation.php pid Parameter SQL Injection
OSVDB ID: 17025 MyBulletinBoard (MyBB) portal.php username Parameter SQL Injection
OSVDB ID: 17026 MyBulletinBoard (MyBB) polls.php tid Parameter SQL Injection
OSVDB ID: 17027 MyBulletinBoard (MyBB) ratethread.php tid Parameter SQL Injection
OSVDB ID: 17014 MyBulletinBoard (MyBB) calendar.php eid Parameter SQL Injection
1.0 RC4
OSVDB ID: 16934 MyBulletinBoard (MyBB) usercp.php User Profile website Field XSS
1.0 RC3
OSVDB ID: 16934 MyBulletinBoard (MyBB) usercp.php User Profile website Field XSS
1.0 RC2
OSVDB ID: 16934 MyBulletinBoard (MyBB) usercp.php User Profile website Field XSS
1.0 RC1
OSVDB ID: 16934 MyBulletinBoard (MyBB) usercp.php User Profile website Field XSS
1.0
OSVDB ID: 16934 MyBulletinBoard (MyBB) usercp.php User Profile website Field XSS
1.0 RC4
OSVDB ID: 19030 MyBulletinBoard (MyBB) index.php Username Parameter SQL Injection
OSVDB ID: 19032 MyBulletinBoard (MyBB) polls.php polloptions Parameter SQL Injection
OSVDB ID: 19033 MyBulletinBoard (MyBB) search.php action Parameter SQL Injection
OSVDB ID: 19031 MyBulletinBoard (MyBB) member.php Multiple Parameter SQL Injection
1.1.1
OSVDB ID: 25074 MyBulletinBoard (MyBB) admin/adminfunctions.php querystring Parameter SQL Injection
OSVDB ID: 25075 MyBulletinBoard (MyBB) admin/templates.php Multiple Parameter SQL Injection
OSVDB ID: 25674 MyBulletinBoard (MyBB) showthread.php comma Parameter SQL Injection
1.1.2
OSVDB ID: 26216 MyBulletinBoard (MyBB) Registration username Field domecode() Function PHP Code Execution
1.0
1.02
OSVDB ID: 22737 MyBulletinBoard (MyBB) usercp.php Multiple Parameter XSS
Unknown or Unspecified
OSVDB ID: 12822 MyBulletinBoard (MyBB) calendar.php Add Event Function XSS
Unknown or Unspecified
OSVDB ID: 69926 MyBulletinBoard (MyBB) calendar.php Subject Field Arbitrary Java Code DoS



The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2002 - 2014 Open Sourced Vulnerability Database (OSVDB), All Rights Reserved.
License - Privacy Statement - Terms of Use