Vulnerabilities > Yabb > Yabb > 2000.09.11

DATE CVE VULNERABILITY TITLE RISK
2004-12-31 CVE-2004-2403 Unspecified vulnerability in Yabb
Cross-site request forgery (CSRF) vulnerability in YaBB 1 GOLD SP 1.3.2 allows remote attackers to perform unauthorized actions as the administrative user via a link or IMG tag to YaBB.pl that specifies the desired action, id, and moda parameters.
network
low complexity
yabb
critical
 10.0
10
2004-12-31 CVE-2004-2402 Cross-Site Scripting vulnerability in YaBB YaBB.pl IMSend
Cross-site scripting (XSS) vulnerability in YaBB.pl in YaBB 1 GOLD SP 1.3.2 allows remote attackers to inject arbitrary web script or HTML via a hex-encoded to parameter.
network
yabb
4.3
4.3
2002-03-25 CVE-2002-0117 Unspecified vulnerability in Yabb
Cross-site scripting vulnerability in Yet Another Bulletin Board (YaBB) 1 Gold SP 1 and earlier allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag.
network
low complexity
yabb
7.5
7.5
2001-01-09 CVE-2000-1176 Unspecified vulnerability in Yabb 20000911
Directory traversal vulnerability in YaBB search.pl CGI script allows remote attackers to read arbitrary files via a ..
network
low complexity
yabb
7.5
7.5