MyBB versions 1.8.1 and below suffer from cross site scripting and remote SQL injection vulnerabilities.