Skip to main content
CVE-2016-10043 CRITICAL POC THREAT Emergency

An issue was discovered in Radisys MRF Web Panel (SWMS) 9.0.1. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 37.6%.

Apache Command Injection Web Panel
NVD Exploit-DB
CVSS 3.0
10.0
EPSS
37.6%
Threat
4.6
CVE-2016-9403 CRITICAL PATCH Act Now

newreply.php in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to have unspecified impact by leveraging a missing permission check. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

PHP Privilege Escalation Merge System Mybb
NVD
CVSS 3.0
9.8
EPSS
5.3%
CVE-2015-8974 CRITICAL Act Now

SQL injection vulnerability in the Group Promotions module in the admin control panel in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allows. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Merge System Mybb
NVD
CVSS 3.0
10.0
EPSS
3.7%
CVE-2016-9416 CRITICAL PATCH Act Now

SQL injection vulnerability in the users data handler in MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 allows remote attackers to execute arbitrary SQL commands via. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

SQLi Merge System Mybb
NVD
CVSS 3.0
9.8
EPSS
3.7%
CVE-2016-9402 CRITICAL PATCH Act Now

SQL injection vulnerability in the moderation tool in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to execute arbitrary SQL commands via. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

SQLi Merge System Mybb
NVD
CVSS 3.0
9.8
EPSS
3.7%
CVE-2016-9412 CRITICAL PATCH Act Now

MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allow attackers to have unspecified impact via vectors related to low adminsid and sid entropy. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Merge System Mybb
NVD
CVSS 3.0
9.8
EPSS
2.9%
CVE-2016-9420 CRITICAL PATCH Act Now

MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 allow remote attackers to have unspecified impact via vectors related to "loose comparison false positives.". Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Merge System Mybb
NVD
CVSS 3.0
9.8
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy