AndyRixon/LayerBB

AndyRixon/LayerBB

Releases9

Frequency2 months 1 week

Last Release almost 7 years ago

Stars6

A simple yet powerful forum software. Download from our website!

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2019-16531 ↗	Sep 20, 2019Friday, 20 September 2019, 02:16	8.8 HIGH	6.8 MEDIUM
LayerBB before 1.1.4 has multiple CSRF issues, as demonstrated by changing the System Settings via admin/general.php.
CVE-2018-17996 ↗	Mar 21, 2019Thursday, 21 March 2019, 16:00	—	5.8 MEDIUM
LayerBB before 1.1.3 allows CSRF for adding a user via admin/new_user.php, deleting a user via admin/members.php/delete_user/, and deleting content via mod/delete.php/.
CVE-2018-17997 ↗	Mar 21, 2019Thursday, 21 March 2019, 16:00	—	4.3 MEDIUM
LayerBB 1.1.1 allows XSS via the titles of conversations (PMs).
CVE-2018-17988 ↗	Mar 7, 2019Thursday, 7 March 2019, 23:29	9.8 CRITICAL	7.5 HIGH
LayerBB 1.1.1 and 1.1.3 has SQL Injection via the search.php search_query parameter.