Vulnerabilities > CVE-2004-0344 - Input Validation vulnerability in Yabb 1.5.5/1.5.5B
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Directory traversal vulnerability in ModifyMessage.php in YaBB SE 1.5.4 through 1.5.5b allows remote attackers to delete arbitrary files via a .. (dot dot) in the attachOld parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Exploit-Db
description | YaBB SE 1.5.x Arbitrary File Deletion. CVE-2004-0344. Webapps exploit for php platform |
id | EDB-ID:23774 |
last seen | 2016-02-02 |
modified | 2004-03-01 |
published | 2004-03-01 |
reporter | Alnitak and BackSpace |
source | https://www.exploit-db.com/download/23774/ |
title | YaBB SE 1.5.x - Arbitrary File Deletion |