1.8.18

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-09	CVE-2022-24734	Unspecified vulnerability in Mybb MyBB is a free and open source forum software. network low complexity mybb	7.2
2021-11-04	CVE-2021-43281	Code Injection vulnerability in Mybb MyBB before 1.8.29 allows Remote Code Injection by an admin with the "Can manage settings?" permission. network low complexity mybb CWE-94	7.2
2021-10-26	CVE-2021-41866	Cross-site Scripting vulnerability in Mybb MyBB before 1.8.28 allows stored XSS because the displayed Template Name value in the Admin CP's theme management is not escaped properly. network low complexity mybb CWE-79	5.4
2021-03-15	CVE-2021-27949	Cross-site Scripting vulnerability in Mybb Cross-site Scripting vulnerability in MyBB before 1.8.26 via Custom moderator tools. network low complexity mybb CWE-79	6.1
2021-03-15	CVE-2021-27948	SQL Injection vulnerability in Mybb SQL Injection vulnerability in MyBB before 1.8.26 via User Groups. network low complexity mybb CWE-89	7.2
2021-03-15	CVE-2021-27947	SQL Injection vulnerability in Mybb SQL Injection vulnerability in MyBB before 1.8.26 via the Copy Forum feature in Forum Management. network low complexity mybb CWE-89	7.2
2021-03-15	CVE-2021-27946	SQL Injection vulnerability in Mybb SQL Injection vulnerability in MyBB before 1.8.26 via poll vote count. network low complexity mybb CWE-89	8.8
2021-03-15	CVE-2021-27890	SQL Injection vulnerability in Mybb SQL Injection vulnerablity in MyBB before 1.8.26 via theme properties included in theme XML files. network low complexity mybb CWE-89	8.8
2021-03-15	CVE-2021-27889	Cross-site Scripting vulnerability in Mybb Cross-site Scripting (XSS) vulnerability in MyBB before 1.8.26 via Nested Auto URL when parsing messages. network low complexity mybb CWE-79	6.1
2021-02-22	CVE-2021-27279	Cross-site Scripting vulnerability in Mybb MyBB before 1.8.25 allows stored XSS via nested [email] tags with MyCode (aka BBCode). network low complexity mybb CWE-79	5.4