Vulnerabilities > Yabb > Yabb > 2.0.rc2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-06-20 | CVE-2007-3295 | Local File Include vulnerability in YABB Directory traversal vulnerability in Yet another Bulletin Board (YaBB) 2.1 and earlier allows remote authenticated users to execute arbitrary Perl code via a .. | 6.5 |
2005-12-20 | CVE-2005-4426 | HTML Injection vulnerability in YaBB Image Upload Interpretation conflict in YaBB before 2.1 allows remote authenticated users to inject arbitrary web script or HTML via HTML in a file with a GIF file extension, which causes the HTML to be executed by a victim who views the file in Internet Explorer as a result of CVE-2005-3312. | 4.0 |