0xB9

53 exploits Active since Apr 2018
CVE-2021-47934 EXPLOITDB MEDIUM text WORKING POC
MyBB Timeline Plugin 1.0 Cross-Site Scripting and CSRF
MyBB Timeline Plugin 1.0 contains cross-site scripting vulnerabilities that allow attackers to inject malicious scripts through thread titles, post content, and user profile fields like Location and Bio. Attackers can also exploit a cross-site request forgery vulnerability in the timeline.php profile action to change a user's cover picture by crafting malicious forms that execute when victims visit affected profiles.
CVSS 5.3
CVE-2018-11092 WRITEUP MEDIUM WRITEUP
Admin Notes 1.1 - Cross-Site Request Forgery via Clear Table Action
An issue was discovered in the Admin Notes plugin 1.1 for MyBB. CSRF allows an attacker to remotely delete all admin notes via an admin/index.php?empty=table (aka Clear Table) action.
CVSS 6.5
CVE-2018-25246 EXPLOITDB HIGH python WORKING POC
Wikipedia 12.0 Denial of Service via Search
Wikipedia 12.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting oversized input through the search functionality. Attackers can paste a large buffer of repeated characters into the search bar to trigger an application crash.
CVSS 7.5
CVE-2018-25250 EXPLOITDB HIGH text WORKING POC
MyBB Last User's Threads in Profile Plugin 1.2 Persistent XSS
MyBB Last User's Threads in Profile Plugin 1.2 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts by crafting thread subjects with script tags. Attackers can create threads with script payloads in the subject field that execute when users visit the attacker's profile page.
CVSS 7.2
CVE-2018-25249 EXPLOITDB MEDIUM text WRITEUP
MyBB My Arcade Plugin 1.3 Persistent XSS via Comment
MyBB My Arcade Plugin 1.3 contains a persistent cross-site scripting vulnerability that allows authenticated users to inject malicious scripts through arcade game score comments. Attackers can add crafted HTML and JavaScript payloads in the comment field that execute when other users view or edit the comment.
CVSS 6.4
CVE-2018-25248 EXPLOITDB HIGH text WRITEUP
MyBB Downloads Plugin 2.0.3 Persistent XSS via downloads.php
MyBB Downloads Plugin 2.0.3 contains a persistent cross-site scripting vulnerability that allows regular members to inject malicious scripts through the download title field. Attackers can submit a new download with HTML/JavaScript code in the title parameter, which executes when administrators validate the download in downloads.php.
CVSS 7.2
CVE-2018-25247 EXPLOITDB MEDIUM text WORKING POC
MyBB Like Plugin 3.0.0 Cross-Site Scripting via User Profiles
MyBB Like Plugin 3.0.0 contains a stored cross-site scripting vulnerability. Authenticated attackers can inject script payloads into post or thread subjects; when other users view a profile that displays the attacker's liked posts, the unsanitized subject is rendered, executing the script in the viewer's browser.
CVSS 6.1
CVE-2018-25245 EXPLOITDB HIGH python WORKING POC
7 Tik 1.0.1.0 Denial of Service via Search
7 Tik 1.0.1.0 contains a denial of service vulnerability that allows attackers to crash the application by submitting excessively long input strings to the search functionality. Attackers can paste a buffer of 7700 characters into the search bar to trigger an application crash.
CVSS 7.5
CVE-2018-25244 EXPLOITDB MEDIUM python WORKING POC
Eco Search 1.0.2.0 Denial of Service
Eco Search 1.0.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 950 or more characters into the search bar and trigger a crash by initiating a search operation.
CVSS 6.2
CVE-2018-25243 EXPLOITDB MEDIUM python WORKING POC
FastTube 1.0.1.0 Denial of Service via Search
FastTube 1.0.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 1900 characters into the search bar and trigger a crash when the search operation is executed.
CVSS 6.2
CVE-2018-25242 EXPLOITDB MEDIUM python WORKING POC
One Search 1.1.0.0 Denial of Service
One Search 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting excessively long input strings to the search functionality. Attackers can paste a buffer of 950 or more characters into the search bar to trigger an unhandled exception that crashes the application.
CVSS 6.2
CVE-2018-25241 EXPLOITDB HIGH python WORKING POC
VPN Browser+ 1.1.0.0 Denial of Service
VPN Browser+ 1.1.0.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting oversized input through the search functionality. Attackers can paste a large buffer of characters into the search bar to trigger an unhandled exception that terminates the application.
CVSS 7.5
CVE-2018-25240 EXPLOITDB MEDIUM python WORKING POC
Watchr 1.1.0.0 Denial of Service via Search
Watchr 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 8145 characters into the search bar and trigger a search operation to cause the application to crash.
CVSS 6.2
CVE-2018-25239 EXPLOITDB MEDIUM python WORKING POC
Smart VPN 1.1.3.0 Denial of Service via Search
Smart VPN 1.1.3.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input through the search interface. Attackers can paste a buffer of 2100 characters into the top right search bar to trigger an unhandled exception that crashes the application.
CVSS 6.2
CVE-2018-25238 EXPLOITDB MEDIUM python WORKING POC
VSCO 1.1.1.0 Denial of Service via Search
VSCO 1.1.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string through the search functionality. Attackers can paste a buffer of 5000 characters into the search bar and navigate back to trigger an application crash.
CVSS 6.2
CVE-2019-25602 EXPLOITDB MEDIUM text WORKING POC
GSearch 1.0.1.0 Denial of Service via Search Input
GSearch 1.0.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by inputting an excessively long string in the search bar. Attackers can paste a buffer of 2000 characters into the search field, click search, and select any result to trigger an application crash.
CVSS 5.5
CVE-2021-47905 EXPLOITDB MEDIUM text WORKING POC
MyBB Delete Account Plugin 1.4 - XSS
MyBB Delete Account Plugin 1.4 contains a cross-site scripting vulnerability in the account deletion reason input field. Attackers can inject malicious scripts that will execute in the admin interface when viewing delete account reasons.
CVSS 6.1
CVE-2018-11430 EXPLOITDB MEDIUM text WORKING POC
Moderator Log Notes 1.1 - Stored Cross-Site Scripting in Mod Notes Textarea
An issue was discovered in the Moderator Log Notes plugin 1.1 for MyBB. It allows moderators to save notes and display them in a list in the modCP. The XSS is located in the mod notes textarea.
CVSS 5.4
CVE-2018-11092 EXPLOITDB MEDIUM text WORKING POC
Admin Notes 1.1 - Cross-Site Request Forgery via Clear Table Action
An issue was discovered in the Admin Notes plugin 1.1 for MyBB. CSRF allows an attacker to remotely delete all admin notes via an admin/index.php?empty=table (aka Clear Table) action.
CVSS 6.5
CVE-2018-25132 EXPLOITDB MEDIUM text WORKING POC
MyBB Trending Widget Plugin 1.2 - XSS
MyBB Trending Widget Plugin 1.2 contains a cross-site scripting vulnerability that allows attackers to inject malicious scripts through thread titles. Attackers can modify thread titles with script payloads that will execute when other users view the trending widget.
CVSS 6.1
CVE-2018-25116 EXPLOITDB MEDIUM text WORKING POC
MyBB Thread Redirect Plugin 0.2.1 - XSS
MyBB Thread Redirect Plugin 0.2.1 contains a cross-site scripting vulnerability in the custom text input field for thread redirects. Attackers can inject malicious SVG scripts that will execute when other users view the thread, allowing arbitrary script execution.
CVSS 6.1
CVE-2018-14724 EXPLOITDB MEDIUM text WORKING POC
MyBB Ban List Plugin 1.0 - Stored Cross-Site Scripting via Ban Reason Field
In the Ban List plugin 1.0 for MyBB, any forum user with mod privileges can ban users and input an XSS payload into the ban reason, which is executed on the bans.php page.
CVSS 5.4
CVE-2021-24274 EXPLOITDB MEDIUM text WORKING POC
Ultimate Maps by Supsystic < 1.2.5 - Reflected Cross-Site Scripting via Tab Parameter
The Ultimate Maps by Supsystic WordPress plugin before 1.2.5 did not sanitise the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue
CVSS 6.1
CVE-2021-24287 EXPLOITDB MEDIUM text WORKING POC
Select All Categories and Taxonomies < 1.3.2 - Reflected XSS via Tab Parameter
The settings page of the Select All Categories and Taxonomies, Change Checkbox to Radio Buttons WordPress plugin before 1.3.2 did not properly sanitise the tab parameter before outputting it back, leading to a reflected Cross-Site Scripting issue
CVSS 6.1
CVE-2021-24272 EXPLOITDB MEDIUM html WORKING POC
fitness_calculators < 1.9.6 - Cross-Site Request Forgery and Stored Cross-Site Scripting
The fitness calculators WordPress plugin before 1.9.6 add calculators for Water intake, BMI calculator, protein Intake, and Body Fat and was lacking CSRF check, allowing attackers to make logged in users perform unwanted actions, such as change the calculator headers. Due to the lack of sanitisation, this could also lead to a Stored Cross-Site Scripting issue
CVSS 4.3