Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
yabb yabb vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2005-0741
Cross-site scripting (XSS) vulnerability in YaBB.pl for YaBB 2.0 RC1 allows remote malicious users to inject arbitrary web script or HTML via the username parameter in a usersrecentposts action.
Yabb Yabb 2.0 Rc1
1 EDB exploit
4.3
CVSSv2
CVE-2003-1277
Cross-site scripting (XSS) vulnerabilities in Yet Another Bulletin Board (YaBB) 1.5.0 allow remote malicious users to execute arbitrary script as other users and possibly steal authentication information via cookies by injecting arbitrary HTML or script into (1) news_icon of news...
Yabb Yabb 1.5.0
7.5
CVSSv2
CVE-2002-0955
Cross-site scripting vulnerability in YaBB.cgi for Yet Another Bulletin Board (YaBB) 1 Gold SP1 and previous versions allows remote malicious users to execute arbitrary script as other web site visitors via script in the num parameter, which is not filtered in the resulting error...
Yabb Yabb 1 Gold Sp 1
1 EDB exploit
10
CVSSv2
CVE-2007-3208
CRLF injection vulnerability in Yet another Bulletin Board (YaBB) 2.1 allows remote malicious users to obtain administrative access via requests to (1) register.pl or (2) profile.pl that write CRLF sequences to a .vars file. NOTE: this can be leveraged to execute arbitrary code.
Yabb Yabb 2.1
4.3
CVSSv2
CVE-2005-0785
Cross-site scripting (XSS) vulnerability in usersrecentposts in YaBB 2.0 rc1 allows remote malicious users to inject arbitrary web script or HTML via the username parameter.
Yabb Yabb 2.0 Rc1
4.3
CVSSv2
CVE-2002-2296
Cross-site scripting (XSS) vulnerability in YaBB.pl in Yet Another Bulletin Board (YaBB) 1 Gold SP 1 allows remote malicious users to inject arbitrary web script or HTML via the num parameter.
Yabb Yabb 1 Gold - Sp 1
1 EDB exploit
7.5
CVSSv2
CVE-2000-1176
Directory traversal vulnerability in YaBB search.pl CGI script allows remote malicious users to read arbitrary files via a .. (dot dot) attack in the "catsearch" form field.
Yabb Yabb 2000-09-11
1 EDB exploit
5
CVSSv2
CVE-2000-0853
YaBB Bulletin Board 9.1.2000 allows remote malicious users to read arbitrary files via a .. (dot dot) attack.
Yabb Yabb 2000-09-01
1 EDB exploit
5
CVSSv2
CVE-2004-1662
YaBB SE 1.5.1 allows remote malicious users to obtain sensitive information via a direct HTTP request to Admin.php, which reveals the full path in a PHP error message.
5
CVSSv2
CVE-2004-0294
YaBB 1 SP 1.3.1 displays different error messages when a user exists or not, which makes it easier for remote malicious users to identify valid users and conduct a brute force password guessing attack.
Yabbforumsoftware Yet Another Bulletin Board 1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »