Mybulletinboard: >> Mybulletinboard >> 1.10 Security Vulnerabilities
polls.php in MyBB (aka MyBulletinBoard) 1.10 allows remote attackers to obtain sensitive information via a vote action with an "option[]=null" parameter value, which reveals the path in an error message.
CVSS Score
5.0
EPSS Score
0.005
Published
2006-03-22
Cross-site scripting (XSS) vulnerability in member.php in MyBulletinBoard (MyBB) 1.04 allows remote attackers to inject arbitrary web script or HTML via the url parameter, a different vulnerability than CVE-2006-1272. NOTE: 1.10 was later reported to be vulnerable.
CVSS Score
3.5
EPSS Score
0.009
Published
2006-03-19
Page 2