Mybb Downloads
Approved changes feed: RSS · Atom
cpe:2.3:a:mybb:mybb_downloads:2.0.3:*:*:*:*:mybb:*:*
part: a version: 2.0.3 update: *
| Vendor | Mybb (8821e130-2590-5689-a7de-85bc65b3bdf4) |
|---|---|
| Product | Mybb Downloads (c19c1bf0-93e7-5f1d-a38d-f0c9389e733b) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | mybb |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2018-25248 |
vulnerable | 2026-06-03 14:38:41.265052 |
MyBB Downloads Plugin 2.0.3 Persistent XSS via downloads.php
HIGH (7.2)
MyBB Downloads Plugin 2.0.3 contains a persistent cross-site scripting vulnerability that allows regular members to inject malicious scripts through the download title field. Attackers can submit a new download with HTML/JavaScript code in the title parameter, which executes when administrators validate the download in downloads.php.
Published: 2026-04-04T13:51:13.028Z
Updated: 2026-05-24T01:36:14.476Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.