Vulnerabilities > CVE-2005-0741 - Remote UsersRecentPosts Cross-Site Scripting vulnerability in Yabb 2.0Rc1

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

yabb

nessus

exploit available

NVD

Published: 2005-03-08

Updated: 2008-09-05

Summary

Cross-site scripting (XSS) vulnerability in YaBB.pl for YaBB 2.0 RC1 allows remote attackers to inject arbitrary web script or HTML via the username parameter in a usersrecentposts action.

Vulnerable Configurations

Part	Description	Count
Application	Yabb Yabb Yabb 2.0_Rc1	1

Exploit-Db

description	YaBB 2.0 Remote UsersRecentPosts Cross-Site Scripting Vulnerability. CVE-2005-0741. Webapps exploit for php platform
id	EDB-ID:25199
last seen	2016-02-03
modified	2005-03-08
published	2005-03-08
reporter	trueend5
source	https://www.exploit-db.com/download/25199/
title	YaBB 2.0 - Remote UsersRecentPosts Cross-Site Scripting Vulnerability

Nessus

NASL family	CGI abuses : XSS
NASL id	YABB_USERSRECENTPOSTS_XSS.NASL
description	The installed version of YaBB (Yet Another Bulletin Board) on the remote host suffers from a remote cross-site scripting flaw due to its failure to properly sanitize input passed via the
last seen	2020-06-01
modified	2020-06-02
plugin id	17305
published	2005-03-10
reporter	This script is Copyright (C) 2005-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/17305
title	YaBB YaBB.pl usersrecentposts Action username Parameter XSS

Summary

Vulnerable Configurations

Exploit-Db

Nessus

References