Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
yabb yabb se 1.5.4 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-2754
SQL injection vulnerability in SSI.php in YaBB SE 1.5.4, 1.5.3, and possibly other versions prior to 1.5.5 allows remote malicious users to execute arbitrary SQL commands via the ID_MEMBER parameter to the (1) recentTopics and (2) welcome functions.
Yabb Yabb Se 1.5.0
Yabb Yabb Se 1.1.3
Yabb Yabb Se 1.4.1
Yabb Yabb Se 1.5.1 Rc1
Yabb Yabb Se 1.5.4
Yabb Yabb Se 0.8
Yabb Yabb Se 1.5.1
Yabb Yabb Se 1.5.2
Yabb Yabb Se 1.5.3
1 EDB exploit
NA
CVE-2004-0343
Multiple SQL injection vulnerabilities in YaBB SE 1.5.4 up to and including 1.5.5b allow remote malicious users to execute arbitrary SQL via (1) the msg parameter in ModifyMessage.php or (2) the postid parameter in ModifyMessage.php.
Yabb Yabb 1.5.5
Yabb Yabb 1.5.5b
Yabb Yabb 1.5.4
1 EDB exploit
NA
CVE-2004-0291
SQL injection vulnerability in post.php for YaBB SE 1.5.4 and 1.5.5 allows remote malicious users to obtain hashed passwords via the quote parameter.
Yabb Yabb 1.5.5
Yabb Yabb 1.5.4
1 EDB exploit
NA
CVE-2006-3275
SQL injection vulnerability in profile.php in YaBB SE 1.5.5 and previous versions allows remote malicious users to execute SQL commands via a double-encoded user parameter in a viewprofile action.
Yabb Yabb 1.5.2
Yabb Yabb
Yabb Yabb 1.5.1
Yabb Yabb 1.5.4
NA
CVE-2004-0344
Directory traversal vulnerability in ModifyMessage.php in YaBB SE 1.5.4 up to and including 1.5.5b allows remote malicious users to delete arbitrary files via a .. (dot dot) in the attachOld parameter.
Yabb Yabb 1.5.5
Yabb Yabb 1.5.5b
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started