Vulnerabilities > Mybb
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-22 | CVE-2023-28467 | Cross-site Scripting vulnerability in Mybb In MyBB before 1.8.34, there is XSS in the User CP module via the user email field. | 6.1 |
| 2023-04-24 | CVE-2022-28354 | Cross-site Scripting vulnerability in Mybb Active Threads 1.3.0 In the Active Threads Plugin 1.3.0 for MyBB, the activethreads.php date parameter is vulnerable to XSS when setting a time period. | 6.1 |
| 2023-01-03 | CVE-2022-45867 | Path Traversal vulnerability in Mybb MyBB before 1.8.33 allows Directory Traversal. | 7.2 |
| 2022-11-22 | CVE-2022-43707 | Cross-site Scripting vulnerability in Mybb MyBB 1.8.31 has a Cross-site scripting (XSS) vulnerability in the visual MyCode editor (SCEditor) allows remote attackers to inject HTML via user input or stored data | 6.1 |
| 2022-11-22 | CVE-2022-43708 | Cross-site Scripting vulnerability in Mybb MyBB 1.8.31 has a (issue 2 of 2) cross-site scripting (XSS) vulnerabilities in the post Attachments interface allow attackers to inject HTML by persuading the user to upload a file with specially crafted name | 6.1 |
| 2022-11-22 | CVE-2022-43709 | SQL Injection vulnerability in Mybb MyBB 1.8.31 has a SQL injection vulnerability in the Admin CP's Users module allows remote authenticated users to modify the query string via direct user input or stored search filter settings. | 4.9 |
| 2022-10-06 | CVE-2022-39265 | Injection vulnerability in Mybb MyBB is a free and open source forum software. | 7.2 |
| 2022-03-09 | CVE-2022-24734 | Code Injection vulnerability in Mybb MyBB is a free and open source forum software. | 7.2 |
| 2021-11-04 | CVE-2021-43281 | Code Injection vulnerability in Mybb MyBB before 1.8.29 allows Remote Code Injection by an admin with the "Can manage settings?" permission. | 6.5 |
| 2021-10-26 | CVE-2021-41866 | Cross-site Scripting vulnerability in Mybb MyBB before 1.8.28 allows stored XSS because the displayed Template Name value in the Admin CP's theme management is not escaped properly. | 3.5 |