Mybb Security Vulnerabilities (CVEs)
Track 15 security vulnerabilities affecting Mybb products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This stored XSS vulnerability in myBB Forums allows authenticated administrators to inject malicious JavaScript into template titles. When these templ...
Dec 22, 2025This stored XSS vulnerability in myBB Forums allows authenticated administrators to inject malicious JavaScript when creating new forums. The injected...
Dec 22, 2025CVE-2023-53978 is a stored cross-site scripting vulnerability in myBB Forums that allows authenticated administrators to inject malicious JavaScript w...
Dec 22, 2025This vulnerability allows authenticated administrators in MyBB 1.8.32 to bypass avatar upload restrictions and execute arbitrary code through a chaine...
Dec 22, 2025CVE-2011-10018 is a critical backdoor vulnerability in myBB 1.6.4 that allows unauthenticated remote attackers to execute arbitrary PHP code via manip...
Aug 13, 2025This vulnerability in MyBB forum software allows attackers to perform local file inclusion (LFI) through improper input validation in the upgrade comp...
Jun 2, 2025This vulnerability in MyBB 1.8.38 allows remote attackers to obtain sensitive information through the Import a Theme function, potentially via Server-...
Apr 17, 2025This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in MyBB 1.8.38's Mail function that could allow attackers to access internal net...
Apr 17, 2025A stored cross-site scripting (XSS) vulnerability in MyBB v1.8.38 allows attackers to inject malicious scripts into the Website Name parameter during ...
Nov 20, 2024This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in MyBB forum software where the default disallowed remote hosts list doesn't in...
May 1, 2024This DOM-based XSS vulnerability in MyBB forum software allows attackers to execute malicious JavaScript in victims' browsers by tricking them into vi...
Nov 6, 2023This vulnerability allows authenticated administrators with settings management permissions to inject PHP code into MyBB forum settings, leading to re...
Mar 9, 2022This vulnerability allows authenticated MyBB administrators with 'Can manage settings?' permission to inject and execute arbitrary PHP code through th...
Nov 4, 2021CVE-2021-27890 is a SQL injection vulnerability in MyBB forum software that allows attackers to execute arbitrary SQL commands via malicious theme XML...
Mar 15, 2021This SQL injection vulnerability in MyBB allows attackers to execute arbitrary SQL commands through the Copy Forum feature in Forum Management. It aff...
Mar 15, 2021Why Monitor Mybb Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 15+ known vulnerabilities affecting Mybb products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Mybb packages in under 60 seconds. No agents required - completely agentless scanning that works across Mybb deployments.
Free vulnerability database: Access detailed information about every Mybb CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Mybb CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
