Vulnerabilities > Mybb
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-06 | CVE-2023-45556 | Cross-site Scripting vulnerability in Mybb Cross Site Scripting vulnerability in Mybb Mybb Forums v.1.8.33 allows a local attacker to execute arbitrary code via the theme Name parameter in the theme management component. | 5.4 |
| 2023-11-06 | CVE-2023-46251 | Cross-site Scripting vulnerability in Mybb MyBB is a free and open source forum software. | 6.1 |
| 2023-09-01 | CVE-2020-22612 | Unspecified vulnerability in Mybb Installer RCE on settings file write in MyBB before 1.8.22. | 9.8 |
| 2023-08-29 | CVE-2023-41362 | Code Injection vulnerability in Mybb MyBB before 1.8.36 allows Code Injection by users with certain high privileges. | 7.2 |
| 2023-05-22 | CVE-2023-28467 | Cross-site Scripting vulnerability in Mybb In MyBB before 1.8.34, there is XSS in the User CP module via the user email field. | 6.1 |
| 2023-04-24 | CVE-2022-28354 | Cross-site Scripting vulnerability in Mybb Active Threads 1.3.0 In the Active Threads Plugin 1.3.0 for MyBB, the activethreads.php date parameter is vulnerable to XSS when setting a time period. | 6.1 |
| 2023-01-03 | CVE-2022-45867 | Path Traversal vulnerability in Mybb MyBB before 1.8.33 allows Directory Traversal. | 7.2 |
| 2022-11-22 | CVE-2022-43707 | Cross-site Scripting vulnerability in Mybb MyBB 1.8.31 has a Cross-site scripting (XSS) vulnerability in the visual MyCode editor (SCEditor) allows remote attackers to inject HTML via user input or stored data | 6.1 |
| 2022-11-22 | CVE-2022-43708 | Cross-site Scripting vulnerability in Mybb MyBB 1.8.31 has a (issue 2 of 2) cross-site scripting (XSS) vulnerabilities in the post Attachments interface allow attackers to inject HTML by persuading the user to upload a file with specially crafted name | 6.1 |
| 2022-11-22 | CVE-2022-43709 | SQL Injection vulnerability in Mybb MyBB 1.8.31 has a SQL injection vulnerability in the Admin CP's Users module allows remote authenticated users to modify the query string via direct user input or stored search filter settings. | 4.9 |