Page 4 of 29 results (0.008 seconds)

CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 2

Post.pl in YaBB 1 Gold SP 1.2 allows remote attackers to modify records in the board's .txt file via carriage return characters in the subject field. • http://marc.info/?l=bugtraq&m=108360430703935&w=2 http://secunia.com/advisories/12609 http://www.securityfocus.com/bid/10263 http://www.yabbforum.com/community/YaBB.pl?board=general%3Baction=display%3Bnum=1093133233 https://exchange.xforce.ibmcloud.com/vulnerabilities/16050 •

CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 2

Multiple SQL injection vulnerabilities in YaBB SE 1.5.4 through 1.5.5b allow remote attackers to execute arbitrary SQL via (1) the msg parameter in ModifyMessage.php or (2) the postid parameter in ModifyMessage.php. • https://www.exploit-db.com/exploits/23775 http://marc.info/?l=bugtraq&m=107816202813083&w=2 http://www.securityfocus.com/bid/9774 https://exchange.xforce.ibmcloud.com/vulnerabilities/15354 •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 2

SQL injection vulnerability in post.php for YaBB SE 1.5.4 and 1.5.5 allows remote attackers to obtain hashed passwords via the quote parameter. Vulnerabilidad de inyección de SQL en post.php de YaBB SE 1.5.4 y 1.5.5 permite a atacantes remotos obtener el resumen digital (hash) de contraseñas. • https://www.exploit-db.com/exploits/23710 http://marc.info/?l=bugtraq&m=107696318522985&w=2 http://www.securityfocus.com/bid/9674 https://exchange.xforce.ibmcloud.com/vulnerabilities/15224 •

CVSS: 6.4EPSS: 1%CPEs: 2EXPL: 2

Directory traversal vulnerability in ModifyMessage.php in YaBB SE 1.5.4 through 1.5.5b allows remote attackers to delete arbitrary files via a .. (dot dot) in the attachOld parameter. • https://www.exploit-db.com/exploits/23774 http://marc.info/?l=bugtraq&m=107816202813083&w=2 http://www.securityfocus.com/bid/9774 •

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 2

Cross-site scripting (XSS) vulnerability in YaBB 1 Gold(SP1.3) and YaBB SE 1.5.1 Final allows remote attackers to inject arbitrary web script via the background:url property in (1) glow or (2) shadow tags. • https://www.exploit-db.com/exploits/23812 http://marc.info/?l=bugtraq&m=107936800226430&w=2 http://marc.info/?l=bugtraq&m=107948064923981&w=2 http://secunia.com/advisories/11128 http://securitytracker.com/id?1009427 http://www.securityfocus.com/bid/9873 http://www.yabbforum.com/community/YaBB.pl?board=general%3Baction=display%3Bnum=1093133233 https://exchange.xforce.ibmcloud.com/vulnerabilities/15488 •