Post.pl in YaBB 1 Gold SP 1.2 allows remote malicious users to modify records in the board's .txt file via carriage return characters in the subject field.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
yabb yabb 1_gold_-_sp_1 |
||
yabb yabb 1_gold_-_sp_1.2 |