MyBB 1.8.25 – Chained Remote Command Execution Exploit
MyBB version 1.8.25 suffers from a chained remote command execution (RCE) flaw. Upgrade to version 1.8.26
Tag: mybb
MyBB Timeline Plugin 1.0 – Cross-Site Scripting / CSRF
The MyBB Forum plugin Timeline version 1.0 is vulnerable to XSS(Cross site Scripting) and CSRF(Cross Site Request Forgery) attacks.
MyBB 1.8.17 – Cross-Site Scripting
# Exploit Title: MyBB 1.8.17 – Cross-Site Scripting # Date: 2018-08-11 # Author: 0xB9 # Twitter: @0xB9Sec # Contact: 0xB9[at]pm.me # Software Link: https://mybb.com/download/ # Version: 1.8.17 # Tested on: Ubuntu 18.04 # CVE: CVE-2018-15596 […]
MyBB New Threads Plugin – Cross-Site Scripting
# Exploit Title: MyBB New Threads Plugin – Cross-Site Scripting # Date: 7/16/2018 # Author: 0xB9 # Twitter: @0xB9Sec # Contact: 0xB9[at]pm.me # Software Link: https://community.mybb.com/mods.php?action=view&pid=1143 # Version: 1.1 # Tested on: Ubuntu 18.04 # […]
MyBB ChangUonDyU Plugin 1.0.2 – Cross-Site Scripting
# Exploit Title: MyBB ChangUonDyU Advanced Statistics Plugin v1.0.2 – Cross-Site Scripting # Date: 5/25/2018 # Author: 0xB9 # Twitter: @0xB9Sec # Contact: 0xB9[at]pm.me # Software Link: https://community.mybb.com/mods.php?action=view&pid=1125 # Version: 1.0.2 # Tested on: Ubuntu […]
MyBB Admin Notes Plugin 1.1 – Cross-Site Request Forgery
# Exploit Title: MyBB Admin Notes Plugin – CSRF # Date: 2018-05-14 # Author: 0xB9 # Contact: luxorforums.com/User-0xB9 or 0xB9[at]pm.me # Software Link: https://community.mybb.com/mods.php?action=view&pid=1106 # Version: 1.1 # Tested on: Ubuntu 18.04 # 1. Description: […]
