Vulnerabilities > CVE-2002-0117 - Unspecified vulnerability in Yabb

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

yabb

exploit available

NVD

Published: 2002-03-25

Updated: 2008-09-05

Summary

Cross-site scripting vulnerability in Yet Another Bulletin Board (YaBB) 1 Gold SP 1 and earlier allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag.

Vulnerable Configurations

Part	Description	Count
Application	Yabb Yabb Yabb 0.01_Release Yabb Yabb 0.01_Sp1 Yabb Yabb 2000-09-01 Yabb Yabb 2000-09-11	4

Exploit-Db

description	YaBB 9.1.2000 Cross-Agent Scripting Vulnerability. CVE-2002-0117 . Webapps exploit for cgi platform
id	EDB-ID:21208
last seen	2016-02-02
modified	2002-01-09
published	2002-01-09
reporter	Obscure
source	https://www.exploit-db.com/download/21208/
title	YaBB 9.1.2000 - Cross-Agent Scripting Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References