Vulnerabilities > Mybulletinboard > Mybulletinboard > 1.0.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-03-19 | CVE-2006-1282 | Input Validation vulnerability in MyBB CRLF injection vulnerability in inc/function.php in MyBulletinBoard (MyBB) 1.04 allows remote attackers to conduct cross-site scripting (XSS), poison caches, or hijack pages via CRLF (%0A%0D) sequences in the Referrer HTTP header field, possibly when redirecting to other web pages. network mybulletinboard | 4.3 |
| 2006-03-19 | CVE-2006-1281 | Input Validation vulnerability in MyBB Cross-site scripting (XSS) vulnerability in member.php in MyBulletinBoard (MyBB) 1.04 allows remote attackers to inject arbitrary web script or HTML via the url parameter, a different vulnerability than CVE-2006-1272. network mybulletinboard | 3.5 |
| 2006-03-19 | CVE-2006-1272 | Input Validation vulnerability in Mybulletinboard 1.0.3 Multiple cross-site scripting (XSS) vulnerabilities in member.php in MyBulletin Board (MyBB) 1.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) aim, (2) yahoo, (3) msn, or (4) website field. network mybulletinboard | 4.3 |
| 2006-03-02 | CVE-2006-0959 | SQL Injection vulnerability in Mybulletinboard 1.0.3/1.0.4 SQL injection vulnerability in misc.php in MyBulletinBoard (MyBB) 1.03, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands by setting the comma variable value via the comma parameter in a cookie. | 7.5 |
| 2006-02-18 | CVE-2006-0770 | Cross-Site Scripting vulnerability in MyBulletinBoard Cross-site scripting (XSS) vulnerability in calendar.php in MyBulletinBoard (MyBB) 1.0.4 allows remote attackers to inject arbitrary web script or HTML via a URL that is not sanitized before being returned as a link in "advanced details". | 2.6 |
| 2006-02-10 | CVE-2006-0638 | SQL Injection vulnerability in Mybulletinboard 1.0.3 SQL injection vulnerability in moderation.php in MyBB (aka MyBulletinBoard) 1.0.3 allows remote authenticated users, with certain privileges for moderating and merging posts, to execute arbitrary SQL commands via the posts parameter. | 6.5 |