Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
yabb vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2005-4426
Interpretation conflict in YaBB prior to 2.1 allows remote authenticated users to inject arbitrary web script or HTML via HTML in a file with a GIF file extension, which causes the HTML to be executed by a victim who views the file in Internet Explorer as a result of CVE-2005-331...
Yabb Yabb 1 Gold - Sp 1
Yabb Yabb 1 Gold - Sp 1.2
Yabb Yabb 2.0 Rc1
Yabb Yabb 1 Gold - Sp 1.3
Yabb Yabb 1 Gold - Sp 1.3.1
Yabb Yabb 1.40
Yabb Yabb 1.41
Yabb Yabb 1 Gold Release
Yabb Yabb 2.0
Yabb Yabb 1 Gold - Sp 1.3.2
Yabb Yabb 1 Gold - Sp 1.4
Yabb Yabb 2.0 Rc2
383
VMScore
CVE-2004-2402
Cross-site scripting (XSS) vulnerability in YaBB.pl in YaBB 1 GOLD SP 1.3.2 allows remote malicious users to inject arbitrary web script or HTML via a hex-encoded to parameter. NOTE: some sources say that the board parameter is affected, but this is incorrect.
Yabb Yabb 1 Gold - Sp 1.3.1
Yabb Yabb 1 Gold - Sp 1.3.2
Yabb Yabb 1 Gold - Sp 1.2
Yabb Yabb 1 Gold - Sp 1.3
Yabb Yabb 1.41
Yabb Yabb 1 Gold - Sp 1
Yabb Yabb 2000-09-11
Yabb Yabb 1.40
Yabb Yabb 1 Gold Release
Yabb Yabb 2000-09-01
890
VMScore
CVE-2004-2403
Cross-site request forgery (CSRF) vulnerability in YaBB 1 GOLD SP 1.3.2 allows remote malicious users to perform unauthorized actions as the administrative user via a link or IMG tag to YaBB.pl that specifies the desired action, id, and moda parameters.
Yabb Yabb 1 Gold - Sp 1.2
Yabb Yabb 1 Gold - Sp 1.3
Yabb Yabb 1.41
Yabb Yabb 1 Gold - Sp 1
Yabb Yabb 2000-09-11
Yabb Yabb 1.40
Yabb Yabb 1 Gold Release
Yabb Yabb 2000-09-01
Yabb Yabb 1 Gold - Sp 1.3.1
Yabb Yabb 1 Gold - Sp 1.3.2
685
VMScore
CVE-2006-4157
Cross-site scripting (XSS) vulnerability in index.php in Yet another Bulletin Board (YaBB) allows remote malicious users to inject arbitrary web script or HTML via the categories parameter.
Yabb Yabb 1.5.5b
Yabb Yabb 1.5.4
Yabb Yabb 1.5.5
Yabb Yabb 1.5.1
Yabb Yabb 1.5.2
1 EDB exploit
755
VMScore
CVE-2004-2754
SQL injection vulnerability in SSI.php in YaBB SE 1.5.4, 1.5.3, and possibly other versions prior to 1.5.5 allows remote malicious users to execute arbitrary SQL commands via the ID_MEMBER parameter to the (1) recentTopics and (2) welcome functions.
Yabb Yabb Se 0.8
Yabb Yabb Se 1.1.3
Yabb Yabb Se 1.4.1
Yabb Yabb Se 1.5.3
Yabb Yabb Se 1.5.4
Yabb Yabb Se 1.5.1
Yabb Yabb Se 1.5.2
Yabb Yabb Se 1.5.0
Yabb Yabb Se 1.5.1 Rc1
1 EDB exploit
668
VMScore
CVE-2006-3275
SQL injection vulnerability in profile.php in YaBB SE 1.5.5 and previous versions allows remote malicious users to execute SQL commands via a double-encoded user parameter in a viewprofile action.
Yabb Yabb 1.5.1
Yabb Yabb
Yabb Yabb 1.5.2
Yabb Yabb 1.5.4
578
VMScore
CVE-2007-3295
Directory traversal vulnerability in Yet another Bulletin Board (YaBB) 2.1 and previous versions allows remote authenticated users to execute arbitrary Perl code via a .. (dot dot) in the userlanguage profile setting, which sets the userlanguage key of the member hash, and is pro...
Yabb Yabb 2.0 Rc2
Yabb Yabb 2.1
Yabb Yabb 2.0
Yabb Yabb 2.0 Rc1
1000
VMScore
CVE-2004-0343
Multiple SQL injection vulnerabilities in YaBB SE 1.5.4 up to and including 1.5.5b allow remote malicious users to execute arbitrary SQL via (1) the msg parameter in ModifyMessage.php or (2) the postid parameter in ModifyMessage.php.
Yabb Yabb 1.5.4
Yabb Yabb 1.5.5
Yabb Yabb 1.5.5b
1 EDB exploit
755
VMScore
CVE-2002-0117
Cross-site scripting vulnerability in Yet Another Bulletin Board (YaBB) 1 Gold SP 1 and previous versions allows remote malicious users to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag.
Yabb Yabb 0.01 Release
Yabb Yabb 2000-09-01
Yabb Yabb 2000-09-11
Yabb Yabb 0.01 Sp1
1 EDB exploit
505
VMScore
CVE-2004-0291
SQL injection vulnerability in post.php for YaBB SE 1.5.4 and 1.5.5 allows remote malicious users to obtain hashed passwords via the quote parameter.
Yabb Yabb 1.5.4
Yabb Yabb 1.5.5
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »