CVSS: 4.3EPSS: 1%CPEs: 10EXPL: 3CVE-2004-2402
https://notcve.org/view.php?id=CVE-2004-2402
Cross-site scripting (XSS) vulnerability in YaBB.pl in YaBB 1 GOLD SP 1.3.2 allows remote attackers to inject arbitrary web script or HTML via a hex-encoded to parameter. NOTE: some sources say that the board parameter is affected, but this is incorrect. • http://archives.neohapsis.com/archives/bugtraq/2004-09/0227.html http://secunia.com/advisories/12593 http://www.osvdb.org/10242 http://www.securityfocus.com/bid/11215 https://exchange.xforce.ibmcloud.com/vulnerabilities/17452 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2004-2139
https://notcve.org/view.php?id=CVE-2004-2139
Unknown vulnerability in Adminedit.pl YaBB 1 Gold before 1.3.2 allows attackers to execute arbitrary code via settings.pl. • http://secunia.com/advisories/12609 http://www.osvdb.org/10222 http://www.securityfocus.com/bid/11235 http://www.yabbforum.com/community/YaBB.pl?board=general%3Baction=display%3Bnum=1093133233 https://exchange.xforce.ibmcloud.com/vulnerabilities/17459 •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2004-2140
https://notcve.org/view.php?id=CVE-2004-2140
CRLF injection vulnerability in YaBB 1 Gold before 1.3.2 allows remote attackers to modify text file contents via the subject variable. • http://secunia.com/advisories/12609 http://www.yabbforum.com/community/YaBB.pl?board=general%3Baction=display%3Bnum=1093133233 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1CVE-2004-1662
https://notcve.org/view.php?id=CVE-2004-1662
YaBB SE 1.5.1 allows remote attackers to obtain sensitive information via a direct HTTP request to Admin.php, which reveals the full path in a PHP error message. • http://echo.or.id/adv/adv05-y3dips-2004.txt http://marc.info/?l=bugtraq&m=109441750900432&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/17267 •
CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 2CVE-2004-1982
https://notcve.org/view.php?id=CVE-2004-1982
Post.pl in YaBB 1 Gold SP 1.2 allows remote attackers to modify records in the board's .txt file via carriage return characters in the subject field. • http://marc.info/?l=bugtraq&m=108360430703935&w=2 http://secunia.com/advisories/12609 http://www.securityfocus.com/bid/10263 http://www.yabbforum.com/community/YaBB.pl?board=general%3Baction=display%3Bnum=1093133233 https://exchange.xforce.ibmcloud.com/vulnerabilities/16050 •