Vulnerabilities > Mybulletinboard > Mybulletinboard > rc1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-02-15 | CVE-2008-0787 | SQL Injection vulnerability in Mybulletinboard SQL injection vulnerability in inc/datahandlers/pm.php in MyBB before 1.2.12 allows remote authenticated users to execute arbitrary SQL commands via the options[disablesmilies] parameter to private.php. | 6.5 |
2006-03-19 | CVE-2006-1282 | Input Validation vulnerability in MyBB CRLF injection vulnerability in inc/function.php in MyBulletinBoard (MyBB) 1.04 allows remote attackers to conduct cross-site scripting (XSS), poison caches, or hijack pages via CRLF (%0A%0D) sequences in the Referrer HTTP header field, possibly when redirecting to other web pages. network mybulletinboard | 4.3 |
2006-03-19 | CVE-2006-1281 | Input Validation vulnerability in MyBB Cross-site scripting (XSS) vulnerability in member.php in MyBulletinBoard (MyBB) 1.04 allows remote attackers to inject arbitrary web script or HTML via the url parameter, a different vulnerability than CVE-2006-1272. network mybulletinboard | 3.5 |
2005-12-31 | CVE-2005-4603 | HTML Injection vulnerability in MyBB Print Thread Script Cross-site scripting (XSS) vulnerability in printthread.php in MyBB 1.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a thread message, which is not properly sanitized in the print view of the thread. network mybulletinboard | 4.3 |
2005-12-31 | CVE-2005-4602 | SQL Injection vulnerability in MyBB File Upload SQL injection vulnerability in inc/function_upload.php in MyBB before 1.0.1 allows remote attackers to execute arbitrary SQL commands via the file extension of an uploaded file attachment. | 7.5 |
2005-12-13 | CVE-2005-4200 | SQL Injection vulnerability in MyBB Multiple unspecified vulnerabilities in MyBulletinBoard (MyBB) before 1.0 have unknown impact and attack vectors, a different set of vulnerabilities than those identified by CVE-2005-4199. | 10.0 |
2005-09-02 | CVE-2005-2778 | SQL Injection vulnerability in MyBB Member.PHP SQL injection vulnerability in member.php in MyBulletinBoard (MyBB) allows remote attackers to execute arbitrary SQL statements via the fid parameter. | 7.5 |