VuXML ID Description
198a120d-c22d-11ea-9172-4c72b94353b5 mybb -- multiple vulnerabilities

mybb Team reports:

High risk: Installer RCE on settings file write

Medium risk: Arbitrary upload paths and Local File Inclusion RCE

Medium risk: XSS via insufficient HTML sanitization of Blog feed and Extend data

Low risk: Open redirect on login

Low risk: SCEditor reflected XSS

Discovery 2019-12-30
Entry 2020-07-09
lt 1.8.22
ab38d9f8-b787-11e8-8e7a-00e04c1ea73d mybb -- vulnerabilities

mybb Team reports:

High risk: Email field SQL Injection.

Medium risk: Video MyCode Persistent XSS in Visual Editor.

Low risk: Insufficient permission check in User CP’s attachment management.

Low risk: Insufficient email address verification.

Discovery 2018-09-11
Entry 2018-09-13
lt 1.8.19
13960f55-8d35-11e9-9ba0-4c72b94353b5 mybb -- vulnerabilities

mybb Team reports:

High risk: Theme import stylesheet name RCE

High risk: Nested video MyCode persistent XSS

Medium risk: Find Orphaned Attachments reflected XSS

Medium risk: Post edit reflected XSS

Medium risk: Private Messaging folders SQL injection

Low risk: Potential phar deserialization through Upload Path

Discovery 2019-06-10
Entry 2019-06-12
lt 1.8.21
395ed9d5-3cca-11e9-9ba0-4c72b94353b5 mybb -- vulnerabilities

mybb Team reports:

Medium risk: Reset Password reflected XSS

Medium risk: ModCP Profile Editor username reflected XSS

Low risk: Predictable CSRF token for guest users

Low risk: ACP Stylesheet Properties XSS

Low risk: Reset Password username enumeration via email

Discovery 2019-02-27
Entry 2019-03-02
Modified 2019-03-04
lt 1.8.20_1