CVSS: 7.5EPSS: 3%CPEs: 1EXPL: 2CVE-2002-0955 – YaBB 1 - Invalid Topic Error Page Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2002-0955
Cross-site scripting vulnerability in YaBB.cgi for Yet Another Bulletin Board (YaBB) 1 Gold SP1 and earlier allows remote attackers to execute arbitrary script as other web site visitors via script in the num parameter, which is not filtered in the resulting error message. • https://www.exploit-db.com/exploits/21573 http://archives.neohapsis.com/archives/bugtraq/2002-06/0261.html http://www.iss.net/security_center/static/9408.php http://www.securityfocus.com/bid/5078 •
CVSS: 7.5EPSS: 9%CPEs: 4EXPL: 3CVE-2002-0117 – YaBB 9.1.2000 - Cross-Agent Scripting
https://notcve.org/view.php?id=CVE-2002-0117
Cross-site scripting vulnerability in Yet Another Bulletin Board (YaBB) 1 Gold SP 1 and earlier allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag. Vulnerabilidad Cross-site todavía en el Bulletin Board de (YaBB) 1 Gold SP 1 y anteriores permite a atacantes remotos ejecutar scripts arbitrarios y cookiess de robo vía un mensaje que contiene Javascript codificado en una etiqueta IMG. • https://www.exploit-db.com/exploits/21208 http://online.securityfocus.com/archive/1/249031 http://online.securityfocus.com/cgi-bin/vulns-item.pl?section=info&id=3828 http://www.iss.net/security_center/static/7840.php http://www.osvdb.org/2019 http://www.yabbforum.com •