2 matches found
CVE-2004-0344
Directory traversal vulnerability in ModifyMessage.php in YaBB SE 1.5.4 through 1.5.5b allows remote attackers to delete arbitrary files via a .. dot dot in the attachOld parameter...
CVE-2004-0344
YaBB SE 1.5.4–1.5.5b contains a directory traversal vulnerability in ModifyMessage.php, exploitable with an attached Old parameter to delete arbitrary files via .. path component. Impact: remote attacker could remove files on the affected host. Root cause is improper validation of the attachOld p...