Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

yabb yabb 1 gold - sp 1.3.2 vulnerabilities and exploits

(subscribe to this query)
NA

CVE-2005-4426

Interpretation conflict in YaBB prior to 2.1 allows remote authenticated users to inject arbitrary web script or HTML via HTML in a file with a GIF file extension, which causes the HTML to be executed by a victim who views the file in Internet Explorer as a result of CVE-2005-331...
Yabb Yabb 2.0 Rc2Yabb Yabb 2.0 Rc1Yabb Yabb 1.40Yabb Yabb 1 Gold - Sp 1Yabb Yabb 1 Gold - Sp 1.3.2Yabb Yabb 1 Gold - Sp 1.3Yabb Yabb 1 Gold - Sp 1.4Yabb Yabb 1 Gold - Sp 1.2Yabb Yabb 1.41Yabb Yabb 1 Gold ReleaseYabb Yabb 2.0Yabb Yabb 1 Gold - Sp 1.3.1
NA

CVE-2004-2403

Cross-site request forgery (CSRF) vulnerability in YaBB 1 GOLD SP 1.3.2 allows remote malicious users to perform unauthorized actions as the administrative user via a link or IMG tag to YaBB.pl that specifies the desired action, id, and moda parameters.
Yabb Yabb 2000-09-11Yabb Yabb 1.40Yabb Yabb 1 Gold - Sp 1Yabb Yabb 1 Gold - Sp 1.3.2Yabb Yabb 1 Gold - Sp 1.3Yabb Yabb 2000-09-01Yabb Yabb 1 Gold - Sp 1.2Yabb Yabb 1.41Yabb Yabb 1 Gold ReleaseYabb Yabb 1 Gold - Sp 1.3.1
NA

CVE-2004-2402

Cross-site scripting (XSS) vulnerability in YaBB.pl in YaBB 1 GOLD SP 1.3.2 allows remote malicious users to inject arbitrary web script or HTML via a hex-encoded to parameter. NOTE: some sources say that the board parameter is affected, but this is incorrect.
Yabb Yabb 2000-09-11Yabb Yabb 1.40Yabb Yabb 1 Gold - Sp 1Yabb Yabb 1 Gold - Sp 1.3.2Yabb Yabb 1 Gold - Sp 1.3Yabb Yabb 2000-09-01Yabb Yabb 1 Gold - Sp 1.2Yabb Yabb 1.41Yabb Yabb 1 Gold ReleaseYabb Yabb 1 Gold - Sp 1.3.1
NA

CVE-2004-2139

Unknown vulnerability in Adminedit.pl YaBB 1 Gold prior to 1.3.2 allows malicious users to execute arbitrary code via settings.pl.
Yabb Yabb 1 Gold - Sp 1.3Yabb Yabb 1 Gold - Sp 1.3.1
NA

CVE-2004-2140

CRLF injection vulnerability in YaBB 1 Gold prior to 1.3.2 allows remote malicious users to modify text file contents via the subject variable.
Yabb Yabb 1 Gold - Sp 1.3Yabb Yabb 1 Gold - Sp 1.3.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusionIMAPCVE-2024-36103CVE-2024-28995CVE-2024-37325CVE-2024-30078CVE-2024-30082SQL injectionCVE-2024-30052
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook