FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-19 19:12:13 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
198a120d-c22d-11ea-9172-4c72b94353b5mybb -- multible vulnerabilities

mybb Team reports:

High risk: Installer RCE on settings file write

Medium risk: Arbitrary upload paths and Local File Inclusion RCE

Medium risk: XSS via insufficient HTML sanitization of Blog feed and Extend data

Low risk: Open redirect on login

Low risk: SCEditor reflected XSS


Discovery 2019-12-30
Entry 2020-07-09
mybb
< 1.8.22

https://blog.mybb.com/2019/12/30/mybb-1-8-22-released-security-maintenance-release/
13960f55-8d35-11e9-9ba0-4c72b94353b5mybb -- vulnerabilities

mybb Team reports:

High risk: Theme import stylesheet name RCE

High risk: Nested video MyCode persistent XSS

Medium risk: Find Orphaned Attachments reflected XSS

Medium risk: Post edit reflected XSS

Medium risk: Private Messaging folders SQL injection

Low risk: Potential phar deserialization through Upload Path


Discovery 2019-06-10
Entry 2019-06-12
mybb
< 1.8.21

https://blog.mybb.com/2019/06/10/mybb-1-8-21-released-security-maintenance-release/