Mybb Merge_system
24 CVEs affecting Mybb Merge_system. Latest disclosed: 2017-01-31. Critical: 6, High: 7.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2015-8974 | Critical | 10.0 | 2017-01-31 | SQL injection vulnerability in the Group Promotions module in the admin control panel in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and My… |
CVE-2016-9420 | Critical | 9.8 | 2017-01-31 | MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 allow remote attackers to have unspecified impact via vectors related to "loose comp… |
CVE-2016-9416 | Critical | 9.8 | 2017-01-31 | SQL injection vulnerability in the users data handler in MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 allows remote attackers to… |
CVE-2016-9412 | Critical | 9.8 | 2017-01-31 | MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allow attackers to have unspecified impact via vectors related to low adminsid and s… |
CVE-2016-9403 | Critical | 9.8 | 2017-01-31 | newreply.php in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to have unspecified impact by leveraging a m… |
CVE-2016-9402 | Critical | 9.8 | 2017-01-31 | SQL injection vulnerability in the moderation tool in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers t… |
CVE-2015-8973 | High | 8.3 | 2017-01-31 | xmlhttp.php in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allows remote attackers to bypass intended ac… |
CVE-2016-9418 | High | 7.5 | 2017-01-31 | MyBB (aka MyBulletinBoard) before 1.8.8 on Windows and MyBB Merge System before 1.8.8 on Windows might allow remote attackers to obtain sensitive information f… |
CVE-2016-9415 | High | 7.5 | 2017-01-31 | MyBB (aka MyBulletinBoard) before 1.8.8 on Windows and MyBB Merge System before 1.8.8 on Windows allow remote attackers to overwrite arbitrary CSS files via ve… |
CVE-2016-9414 | High | 7.5 | 2017-01-31 | MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allow remote attackers to obtain sensitive information by leveraging missing directo… |
CVE-2016-9410 | High | 7.5 | 2017-01-31 | MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to obtain sensitive database information via vectors in… |
CVE-2015-8977 | High | 7.5 | 2017-01-31 | MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allow remote attackers to obtain the installation path via v… |
CVE-2016-9417 | High | 7.4 | 2017-01-31 | The fetch_remote_file function in MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 allows remote attackers to conduct server-side req… |
CVE-2016-9413 | Medium | 6.5 | 2017-01-31 | The Admin control panel in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to conduct clickjacking attacks v… |
CVE-2016-9421 | Medium | 6.1 | 2017-01-31 | Cross-site scripting (XSS) vulnerability in the Users module in the Admin control panel in MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before… |
CVE-2016-9409 | Medium | 6.1 | 2017-01-31 | Cross-site scripting (XSS) vulnerability in the Admin control panel in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 might allow r… |
CVE-2016-9408 | Medium | 6.1 | 2017-01-31 | Cross-site scripting (XSS) vulnerability in the Mod control panel in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 might allow rem… |
CVE-2016-9407 | Medium | 6.1 | 2017-01-31 | Cross-site scripting (XSS) vulnerability in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to inject a… |
CVE-2016-9406 | Medium | 6.1 | 2017-01-31 | Cross-site scripting (XSS) vulnerability in the User control panel in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 might allow re… |
CVE-2016-9405 | Medium | 6.1 | 2017-01-31 | Cross-site scripting (XSS) vulnerability in member validation in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote… |