Vulnerabilities > Mybulletinboard > Mybulletinboard > 1.1.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-06-13 | CVE-2006-2908 | Remote PHP Script Code Injection vulnerability in Mybulletinboard 1.1.2 The domecode function in inc/functions_post.php in MyBulletinBoard (MyBB) 1.1.2, and possibly other versions, allows remote attackers to execute arbitrary PHP code via the username field, which is used in a preg_replace function call with a /e (executable) modifier. | 7.5 |
2006-06-12 | CVE-2006-2949 | Cross-Site Scripting vulnerability in Mybulletinboard 1.1.2 Cross-site scripting (XSS) vulnerability in private.php in MyBB 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the do parameter. network mybulletinboard | 6.8 |