Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
yabb yabb vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2013-2057
YaBB up to and including 2.5.2: 'guestlanguage' Cookie Parameter Local File Include Vulnerability
Yabb Yabb
NA
CVE-2007-3295
Directory traversal vulnerability in Yet another Bulletin Board (YaBB) 2.1 and previous versions allows remote authenticated users to execute arbitrary Perl code via a .. (dot dot) in the userlanguage profile setting, which sets the userlanguage key of the member hash, and is pro...
Yabb Yabb 2.0 Rc2
Yabb Yabb 2.1
Yabb Yabb 2.0
Yabb Yabb 2.0 Rc1
NA
CVE-2007-3208
CRLF injection vulnerability in Yet another Bulletin Board (YaBB) 2.1 allows remote malicious users to obtain administrative access via requests to (1) register.pl or (2) profile.pl that write CRLF sequences to a .vars file. NOTE: this can be leveraged to execute arbitrary code.
Yabb Yabb 2.1
NA
CVE-2006-5413
Multiple PHP remote file inclusion vulnerabilities in SuperMod 3.0.0 for YABB (YaBBSM) allow remote malicious users to execute arbitrary PHP code via a URL in the sourcedir parameter to (1) Offline.php, (2) Sources/Admin.php, (3) Sources/Offline.php, or (4) content/portalshow.php...
Supermod Supermod 3.0.0
1 EDB exploit
NA
CVE-2006-4157
Cross-site scripting (XSS) vulnerability in index.php in Yet another Bulletin Board (YaBB) allows remote malicious users to inject arbitrary web script or HTML via the categories parameter.
Yabb Yabb 1.5.5b
Yabb Yabb 1.5.4
Yabb Yabb 1.5.5
Yabb Yabb 1.5.1
Yabb Yabb 1.5.2
1 EDB exploit
NA
CVE-2006-3275
SQL injection vulnerability in profile.php in YaBB SE 1.5.5 and previous versions allows remote malicious users to execute SQL commands via a double-encoded user parameter in a viewprofile action.
Yabb Yabb 1.5.1
Yabb Yabb
Yabb Yabb 1.5.2
Yabb Yabb 1.5.4
NA
CVE-2005-4426
Interpretation conflict in YaBB prior to 2.1 allows remote authenticated users to inject arbitrary web script or HTML via HTML in a file with a GIF file extension, which causes the HTML to be executed by a victim who views the file in Internet Explorer as a result of CVE-2005-331...
Yabb Yabb 1 Gold - Sp 1
Yabb Yabb 1 Gold - Sp 1.2
Yabb Yabb 2.0 Rc1
Yabb Yabb 1 Gold - Sp 1.3
Yabb Yabb 1 Gold - Sp 1.3.1
Yabb Yabb 1.40
Yabb Yabb 1.41
Yabb Yabb 1 Gold Release
Yabb Yabb 2.0
Yabb Yabb 1 Gold - Sp 1.3.2
Yabb Yabb 1 Gold - Sp 1.4
Yabb Yabb 2.0 Rc2
NA
CVE-2005-2296
YabbSE 1.5.5c allows remote malicious users to obtain sensitive information via a direct request to ssi_examples.php, which reveals the path.
Yabb Yabb 1.5.5c
NA
CVE-2005-0785
Cross-site scripting (XSS) vulnerability in usersrecentposts in YaBB 2.0 rc1 allows remote malicious users to inject arbitrary web script or HTML via the username parameter.
Yabb Yabb 2.0 Rc1
NA
CVE-2005-0741
Cross-site scripting (XSS) vulnerability in YaBB.pl for YaBB 2.0 RC1 allows remote malicious users to inject arbitrary web script or HTML via the username parameter in a usersrecentposts action.
Yabb Yabb 2.0 Rc1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »