Vulnerabilities > Mybulletinboard > Mybulletinboard > 1.0.rc4

DATE CVE VULNERABILITY TITLE RISK
2005-12-31 CVE-2005-4602 SQL Injection vulnerability in MyBB File Upload
SQL injection vulnerability in inc/function_upload.php in MyBB before 1.0.1 allows remote attackers to execute arbitrary SQL commands via the file extension of an uploaded file attachment.
network
low complexity
mybulletinboard
7.5
7.5
2005-12-13 CVE-2005-4200 SQL Injection vulnerability in MyBB
Multiple unspecified vulnerabilities in MyBulletinBoard (MyBB) before 1.0 have unknown impact and attack vectors, a different set of vulnerabilities than those identified by CVE-2005-4199.
network
low complexity
mybulletinboard
critical
 10.0
10
2005-06-01 CVE-2005-1811 HTML Injection vulnerability in Mybulletinboard 1.0Rc4
Cross-site scripting (XSS) vulnerability in usercp.php for MyBulletinBoard (MyBB) allows remote attackers to inject arbitrary web script or HTML via the website field in a user profile.
network
mybulletinboard
4.3
4.3
2005-05-02 CVE-2005-0282 SQL Injection vulnerability in Mybulletinboard 1.0Rc4
SQL injection vulnerability in member.php in MyBulletinBoard (MyBB) allows remote attackers to execute arbitrary SQL commands via the uid parameter.
network
low complexity
mybulletinboard
7.5
7.5