Vulnerabilities > Mybb > Mybb > 1.8.8
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-11-10 | CVE-2017-16780 | Cross-Site Request Forgery (CSRF) vulnerability in Mybb The installer in MyBB before 1.8.13 allows remote attackers to execute arbitrary code by writing to the configuration file. | 7.5 |
2017-04-24 | CVE-2017-8104 | Path Traversal vulnerability in Mybb In MyBB before 1.8.11, the smilie module allows Directory Traversal via the pathfolder parameter. | 5.0 |
2017-04-24 | CVE-2017-8103 | Cross-site Scripting vulnerability in Mybb In MyBB before 1.8.11, the Email MyCode component allows XSS, as demonstrated by an onmouseover event. | 4.3 |
2017-04-06 | CVE-2017-7566 | Server-Side Request Forgery (SSRF) vulnerability in Mybb MyBB before 1.8.11 allows remote attackers to bypass an SSRF protection mechanism. | 4.0 |