Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
yabb vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2004-0344
Directory traversal vulnerability in ModifyMessage.php in YaBB SE 1.5.4 up to and including 1.5.5b allows remote malicious users to delete arbitrary files via a .. (dot dot) in the attachOld parameter.
Yabb Yabb 1.5.5b
Yabb Yabb 1.5.5
1 EDB exploit
4.3
CVSSv2
CVE-2002-1845
Cross-site scripting (XSS) vulnerability in index.php in Yet Another Bulletin Board (YaBB) 1.40 and 1.41 allows remote malicious users to inject arbitrary web script or HTML via the password (passwrd) parameter.
Yabb Yabb 1.40
Yabb Yabb 1.41
1 EDB exploit
5
CVSSv2
CVE-2002-1846
Yet Another Bulletin Board (YaBB) 1.40 and 1.41 does not require a user to submit the correct password before changing it to a new password, which allows remote malicious users to modify passwords by stealing the cookie of another user, modifying the expiretime setting, and submi...
Yabb Yabb 1.40
Yabb Yabb 1.41
5
CVSSv2
CVE-2004-2140
CRLF injection vulnerability in YaBB 1 Gold prior to 1.3.2 allows remote malicious users to modify text file contents via the subject variable.
Yabb Yabb 1 Gold - Sp 1.3
Yabb Yabb 1 Gold - Sp 1.3.1
5
CVSSv2
CVE-2004-1982
Post.pl in YaBB 1 Gold SP 1.2 allows remote malicious users to modify records in the board's .txt file via carriage return characters in the subject field.
Yabb Yabb 1 Gold - Sp 1
Yabb Yabb 1 Gold - Sp 1.2
7.5
CVSSv2
CVE-2004-2139
Unknown vulnerability in Adminedit.pl YaBB 1 Gold prior to 1.3.2 allows malicious users to execute arbitrary code via settings.pl.
Yabb Yabb 1 Gold - Sp 1.3
Yabb Yabb 1 Gold - Sp 1.3.1
4.3
CVSSv2
CVE-2004-1827
Cross-site scripting (XSS) vulnerability in YaBB 1 Gold(SP1.3) and YaBB SE 1.5.1 Final allows remote malicious users to inject arbitrary web script via the background:url property in (1) glow or (2) shadow tags.
Yabb Yabb 1 Gold - Sp 1.3
Simple Machines Simple Machines Smf 1.0 B
Yabb Yabb 1.5.1
1 EDB exploit
7.5
CVSSv2
CVE-2013-2057
YaBB up to and including 2.5.2: 'guestlanguage' Cookie Parameter Local File Include Vulnerability
Yabb Yabb
7.5
CVSSv2
CVE-2002-0955
Cross-site scripting vulnerability in YaBB.cgi for Yet Another Bulletin Board (YaBB) 1 Gold SP1 and previous versions allows remote malicious users to execute arbitrary script as other web site visitors via script in the num parameter, which is not filtered in the resulting error...
Yabb Yabb 1 Gold Sp 1
1 EDB exploit
10
CVSSv2
CVE-2007-3208
CRLF injection vulnerability in Yet another Bulletin Board (YaBB) 2.1 allows remote malicious users to obtain administrative access via requests to (1) register.pl or (2) profile.pl that write CRLF sequences to a .vars file. NOTE: this can be leveraged to execute arbitrary code.
Yabb Yabb 2.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924
CVE-2024-3400
overflow
CVE-2024-23528
CVE-2024-21338
CVE-2024-3818
CVE-2024-23535
NULL pointer dereference
elevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »