Vulnerability Database

313,359

Total vulnerabilities in the database

CVE-2006-1717

Cross-site scripting (XSS) vulnerability in newthread.php in MyBB (aka MyBulletinBoard) 1.10, when configured to permit new threads by unregistered users, allows remote attackers to inject arbitrary web script or HTML via the username.

  • Published: Apr 11, 2006
  • Updated: Nov 9, 2025
  • CVE: CVE-2006-1717
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5.1
  • AV:N/AC:H/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
mybulletinboard / mybulletinboard 1.10 1.10.x