Filtered by vendor Yabb
Subscriptions
Filtered by product Yabb
Subscriptions
Total
28 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0291 | 1 Yabb | 1 Yabb | 2025-04-03 | N/A |
| SQL injection vulnerability in post.php for YaBB SE 1.5.4 and 1.5.5 allows remote attackers to obtain hashed passwords via the quote parameter. | ||||
| CVE-2000-1176 | 1 Yabb | 1 Yabb | 2025-04-03 | N/A |
| Directory traversal vulnerability in YaBB search.pl CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack in the "catsearch" form field. | ||||
| CVE-2004-2139 | 1 Yabb | 1 Yabb | 2025-04-03 | N/A |
| Unknown vulnerability in Adminedit.pl YaBB 1 Gold before 1.3.2 allows attackers to execute arbitrary code via settings.pl. | ||||
| CVE-2004-2140 | 1 Yabb | 1 Yabb | 2025-04-03 | N/A |
| CRLF injection vulnerability in YaBB 1 Gold before 1.3.2 allows remote attackers to modify text file contents via the subject variable. | ||||
| CVE-2005-0741 | 1 Yabb | 1 Yabb | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in YaBB.pl for YaBB 2.0 RC1 allows remote attackers to inject arbitrary web script or HTML via the username parameter in a usersrecentposts action. | ||||
| CVE-2006-3275 | 1 Yabb | 1 Yabb | 2025-04-03 | N/A |
| SQL injection vulnerability in profile.php in YaBB SE 1.5.5 and earlier allows remote attackers to execute SQL commands via a double-encoded user parameter in a viewprofile action. | ||||
| CVE-2002-0955 | 1 Yabb | 1 Yabb | 2025-04-03 | N/A |
| Cross-site scripting vulnerability in YaBB.cgi for Yet Another Bulletin Board (YaBB) 1 Gold SP1 and earlier allows remote attackers to execute arbitrary script as other web site visitors via script in the num parameter, which is not filtered in the resulting error message. | ||||
| CVE-2013-2057 | 1 Yabb | 1 Yabb | 2024-11-21 | 9.8 Critical |
| YaBB through 2.5.2: 'guestlanguage' Cookie Parameter Local File Include Vulnerability | ||||