cbcvebase.

Mybb Merge System vulnerabilities

24 known vulnerabilities affecting mybb/merge_system.

Total CVEs
24
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL6HIGH7MEDIUM11

Vulnerabilities

Page 2 of 2
CVE-2016-9421P4MEDIUMCVSS 6.1≤ 1.8.72017-01-31
CVE-2016-9421 [MEDIUM] CWE-79 CVE-2016-9421: Cross-site scripting (XSS) vulnerability in the Users module in the Admin control panel in MyBB (aka Cross-site scripting (XSS) vulnerability in the Users module in the Admin control panel in MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
nvd
CVE-2016-9407P4MEDIUMCVSS 6.1≤ 1.8.62017-01-31
CVE-2016-9407 [MEDIUM] CWE-79 CVE-2016-9407: Cross-site scripting (XSS) vulnerability in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge S Cross-site scripting (XSS) vulnerability in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to inject arbitrary web script or HTML via vectors involving Mod control panel logs.
nvd
CVE-2016-9404P4MEDIUMCVSS 6.1≤ 1.8.62017-01-31
CVE-2016-9404 [MEDIUM] CWE-79 CVE-2016-9404: Cross-site scripting (XSS) vulnerability in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge S Cross-site scripting (XSS) vulnerability in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to inject arbitrary web script or HTML via vectors related to login.
nvd
CVE-2015-8976P4MEDIUMCVSS 6.1v1.8.52017-01-31
CVE-2015-8976 [MEDIUM] CWE-79 CVE-2015-8976: Cross-site scripting (XSS) vulnerability in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x befor Cross-site scripting (XSS) vulnerability in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 might allow remote attackers to inject arbitrary web script or HTML via vectors related to "old upgrade files."
nvd
Mybb Merge System vulnerabilities | cvebase