The remote web server is running a PHP application that is vulnerable to multiple attack vectors.
The remote web server hosts MyBB, a web-based discussion board application. Versions of MyBB earlier than 1.4.15, or 1.6.x earlier than 1.6.2 are potentially affected by multiple issues : - A cross-site scripting vulnerability exists in the modcp.php script. (1464) - A cross-site scripting vulnerabililty exists in the 'xmlhttp.php' script. (1460) - A cross-site scripting issue exists relating to HTML content in posts. (1422)