Published: 25/03/2002 Updated: 05/09/2008

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-site scripting vulnerability in Yet Another Bulletin Board (YaBB) 1 Gold SP 1 and previous versions allows remote malicious users to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag.

Vulnerable Product	Search on Vulmon	Subscribe to Product
yabb yabb 0.01_release
yabb yabb 2000-09-01
yabb yabb 2000-09-11
yabb yabb 0.01_sp1

source: wwwsecurityfocuscom/bid/3828/info YaBB (Yet Another Bulletin Board) is freely available web forums/community software that is written in Perl YaBB will run on most Unix/Linux variants, MacOS, and Microsoft Windows 9x/ME/NT/2000/XP platforms YaBB is prone to cross-agent scripting attacks via the insertion of HTML tags into image ...

NVD-CWE-Other http://online.securityfocus.com/archive/1/249031 http://online.securityfocus.com/cgi-bin/vulns-item.pl?section=info&id=3828 http://www.iss.net/security_center/static/7840.php http://www.yabbforum.com/http://www.osvdb.org/2019 https://nvd.nist.gov https://www.exploit-db.com/exploits/21208/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2002-0117

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect