Vulnerabilities > CVE-2004-1827

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
yabb
simple-machines
exploit available

Summary

Cross-site scripting (XSS) vulnerability in YaBB 1 Gold(SP1.3) and YaBB SE 1.5.1 Final allows remote attackers to inject arbitrary web script via the background:url property in (1) glow or (2) shadow tags.

Vulnerable Configurations

Part Description Count
Application
Yabb
2
Application
Simple_Machines
1

Exploit-Db

descriptionYABB SE 1.5.1 Multiple Cross-Site Scripting Vulnerabilites. CVE-2004-1827. Webapps exploit for php platform
idEDB-ID:23812
last seen2016-02-02
modified2004-03-15
published2004-03-15
reporterCheng Peng Su
sourcehttps://www.exploit-db.com/download/23812/
titleYABB SE 1.5.1 - Multiple Cross-Site Scripting Vulnerabilites