CVE-2018-6844

MyBB 1.8.14 has XSS via the Title or Description field on the Edit Forum screen.

Publication date: Thu, 08 Feb 2018 13:29:00 +0000

Cyber News related to CVE-2018-6844

CVE-2018-1000672 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-16391, CVE-2018-16392, CVE-2018-16393, CVE-2018-16418, CVE-2018-16419, CVE-2018-16420, CVE-2018-16421, CVE-2018-16422, CVE-2018-16423, CVE-2018-16424, CVE-2018-16425, ...
55 years ago Tenable.com

CVE-2018-6844 - MyBB 1.8.14 has XSS via the Title or Description field on the Edit Forum screen. ...
6 years ago

CVE-2018-17686 - This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a ...
4 years ago

CVE-2019-6844 - A CWE-755: Improper Handling of Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause a Denial of Service atack on the PLC when upgrading the controller ...
3 years ago

CVE-2014-6844 - The ABC Song (aka com.tabtale.abcsingalong) application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. ...
10 years ago

CVE-2015-6844 - Cross-site scripting (XSS) vulnerability in Reviewer in EMC SourceOne Email Supervisor before 7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. ...
8 years ago

CVE-2016-6844 - An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. Script code within SVG files is maintained when opening such files "in browser" based on our Mail or Drive app. In case of "a" tags, this may include link targets ...
8 years ago

CVE-2017-6844 - Buffer overflow in the PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file. ...
7 years ago

CVE-2008-6844 - The registration view (/user/register) in eZ Publish 3.5.6 and earlier, and possibly other versions before 3.9.5, 3.10.1, and 4.0.1, allows remote attackers to gain privileges as other users via modified ContentObjectAttribute_data_user_login_30, ...
7 years ago

CVE-2006-6844 - Cross-site scripting (XSS) vulnerability in the optional user comment module in CMS Made Simple 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the user comment form. ...
6 years ago

CVE-2020-6844 - In TopManage OLK 2020, login CSRF can be chained with another vulnerability in order to takeover admin and user accounts. ...
4 years ago

CVE-2023-6844 - The iframe plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to and including 5.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes ...
9 months ago

CVE-2018-0912 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0923 - Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from ...
5 years ago

CVE-2018-0916 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0914 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0921 - Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from ...
5 years ago

CVE-2018-0909 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0911 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0947 - Microsoft SharePoint Foundation 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0917 - Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from ...
5 years ago

CVE-2018-0910 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0944 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0913 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0769 - Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine ...
4 years ago

Latest Cyber News

BlackBastaGPT – A ChatGPT Powered Tool to Uncover Ransomware Group Tactics - Cyber Security News - 2 hours ago
CVE-2022-28339 - 7 hours ago
Beware: PayPal "New Address" feature abused to send phishing emails - 8 hours ago
CVE-2025-26774 - 12 hours ago
CVE-2025-26776 - 12 hours ago
CVE-2025-26973 - 12 hours ago
CVE-2025-27012 - 12 hours ago
CVE-2025-26750 - 12 hours ago
CVE-2025-26756 - 12 hours ago
CVE-2025-26757 - 12 hours ago
CVE-2025-26760 - 12 hours ago
CVE-2025-26763 - 12 hours ago
CVE-2025-26764 - 12 hours ago
Fake CS2 tournament streams used to steal crypto, Steam accounts - 13 hours ago
CVE-2024-12577 - 13 hours ago
CVE-2024-46975 - 13 hours ago
CVE-2024-47896 - 13 hours ago
CVE-2024-52939 - 13 hours ago
CVE-2025-0957 - 14 hours ago
CVE-2025-1556 - 15 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

BlackBastaGPT – A ChatGPT Powered Tool to Uncover Ransomware Group Tactics - Cyber Security News - 2 hours ago
CVE-2019-8900 - 1 day ago
CVE-2025-26622 - 1 day ago
CVE-2025-27104 - 1 day ago
CVE-2025-27105 - 1 day ago
CVE-2025-27106 - 1 day ago
CVE-2025-27108 - 1 day ago
CVE-2025-27109 - 1 day ago
CVE-2024-45674 - 1 day ago
CVE-2024-22341 - 1 day ago
CVE-2023-4261 - 1 day ago
CVE-2024-13873 - 1 day ago
CVE-2024-13899 - 1 day ago
CVE-2025-1509 - 1 day ago
CVE-2025-1510 - 1 day ago
CVE-2024-12038 - 23 hours ago
CVE-2024-12467 - 23 hours ago
CVE-2024-13474 - 23 hours ago
CVE-2024-13798 - 23 hours ago
CVE-2024-13564 - 19 hours ago