Description

Cross-site scripting (XSS) vulnerability in MyBB 1.2.x before 1.2.14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving search.php.

Remediation

References

CVE-2008-3334

Related Vulnerabilities

PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-2202)

WordPress Plugin FireStorm Shopping Cart eCommerce SQL Injection (2.07.02)

WordPress Plugin Shortlinks by Pretty Links-Best WordPress Link Tracking 'pretty-bar.php' Cross-Site Scripting (1.5.2)

phpMyFAQ Exposure of Sensitive Information Through Data Queries Vulnerability (CVE-2025-69200)

Moodle Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-5153)

Severity

Medium

Classification

CVE-2008-3334 CWE-707

Tags

Missing Update Known Vulnerabilities