Mybb Merge System vulnerabilities
24 known vulnerabilities affecting mybb/merge_system.
Total CVEs
24
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL6HIGH7MEDIUM11
Vulnerabilities
Page 2 of 2
CVE-2016-9421P4MEDIUMCVSS 6.1≤ 1.8.72017-01-31
CVE-2016-9421 [MEDIUM] CWE-79 CVE-2016-9421: Cross-site scripting (XSS) vulnerability in the Users module in the Admin control panel in MyBB (aka
Cross-site scripting (XSS) vulnerability in the Users module in the Admin control panel in MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
nvd
CVE-2016-9407P4MEDIUMCVSS 6.1≤ 1.8.62017-01-31
CVE-2016-9407 [MEDIUM] CWE-79 CVE-2016-9407: Cross-site scripting (XSS) vulnerability in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge S
Cross-site scripting (XSS) vulnerability in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to inject arbitrary web script or HTML via vectors involving Mod control panel logs.
nvd
CVE-2016-9404P4MEDIUMCVSS 6.1≤ 1.8.62017-01-31
CVE-2016-9404 [MEDIUM] CWE-79 CVE-2016-9404: Cross-site scripting (XSS) vulnerability in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge S
Cross-site scripting (XSS) vulnerability in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to inject arbitrary web script or HTML via vectors related to login.
nvd
CVE-2015-8976P4MEDIUMCVSS 6.1v1.8.52017-01-31
CVE-2015-8976 [MEDIUM] CWE-79 CVE-2015-8976: Cross-site scripting (XSS) vulnerability in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x befor
Cross-site scripting (XSS) vulnerability in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 might allow remote attackers to inject arbitrary web script or HTML via vectors related to "old upgrade files."
nvd
← Previous2 / 2