Vulnerabilities > Yabb > Yabb > 2000.09.01
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-2403 | Unspecified vulnerability in Yabb Cross-site request forgery (CSRF) vulnerability in YaBB 1 GOLD SP 1.3.2 allows remote attackers to perform unauthorized actions as the administrative user via a link or IMG tag to YaBB.pl that specifies the desired action, id, and moda parameters. | 10.0 |
| 2004-12-31 | CVE-2004-2402 | Cross-Site Scripting vulnerability in YaBB YaBB.pl IMSend Cross-site scripting (XSS) vulnerability in YaBB.pl in YaBB 1 GOLD SP 1.3.2 allows remote attackers to inject arbitrary web script or HTML via a hex-encoded to parameter. network yabb | 4.3 |
| 2002-03-25 | CVE-2002-0117 | Unspecified vulnerability in Yabb Cross-site scripting vulnerability in Yet Another Bulletin Board (YaBB) 1 Gold SP 1 and earlier allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag. | 7.5 |
| 2000-11-14 | CVE-2000-0853 | Unspecified vulnerability in Yabb 20000901 YaBB Bulletin Board 9.1.2000 allows remote attackers to read arbitrary files via a .. | 5.0 |