Vulnerabilities > CVE-2004-0343 - Input Validation vulnerability in Yabb 1.5.4/1.5.5/1.5.5B
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Multiple SQL injection vulnerabilities in YaBB SE 1.5.4 through 1.5.5b allow remote attackers to execute arbitrary SQL via (1) the msg parameter in ModifyMessage.php or (2) the postid parameter in ModifyMessage.php.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 |
Exploit-Db
description | YaBB SE 1.5.x Multiple Parameter SQL Injection. CVE-2004-0343. Webapps exploit for php platform |
id | EDB-ID:23775 |
last seen | 2016-02-02 |
modified | 2004-03-01 |
published | 2004-03-01 |
reporter | Alnitak and BackSpace |
source | https://www.exploit-db.com/download/23775/ |
title | YaBB SE 1.5.x - Multiple Parameter SQL Injection |