Max CVSS | 6.5 | Min CVSS | 3.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2019-12830 | 3.5 |
In MyBB before 1.8.21, an attacker can exploit a parsing flaw in the Private Message / Post renderer that leads to [video] BBCode persistent XSS to take over any forum account, aka a nested video MyCode issue.
|
20-06-2019 - 12:46 | 15-06-2019 - 18:29 | |
CVE-2019-12831 | 6.5 |
In MyBB before 1.8.21, an attacker can abuse a default behavior of MySQL on many systems (that leads to truncation of strings that are too long for a database column) to create a PHP shell in the cache directory of a targeted forum via a crafted XML
|
17-06-2019 - 19:01 | 15-06-2019 - 18:29 |