Vulnerabilities > CVE-2005-0785 - Unspecified vulnerability in Yabb 2.0Rc1
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN yabb
nessus
Summary
Cross-site scripting (XSS) vulnerability in usersrecentposts in YaBB 2.0 rc1 allows remote attackers to inject arbitrary web script or HTML via the username parameter.
Nessus
| NASL family | CGI abuses : XSS |
| NASL id | YABB_USERSRECENTPOSTS_XSS.NASL |
| description | The installed version of YaBB (Yet Another Bulletin Board) on the remote host suffers from a remote cross-site scripting flaw due to its failure to properly sanitize input passed via the |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 17305 |
| published | 2005-03-10 |
| reporter | This script is Copyright (C) 2005-2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/17305 |
| title | YaBB YaBB.pl usersrecentposts Action username Parameter XSS |
References
- http://marc.info/?l=bugtraq&m=111083400601759&w=2
- http://marc.info/?l=bugtraq&m=111083400601759&w=2
- http://securitytracker.com/id?1013420
- http://securitytracker.com/id?1013420
- http://www.securityfocus.com/bid/12756
- http://www.securityfocus.com/bid/12756
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19671
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19671