9 matches found
YaBB 1.x/9.1.2000 YaBB.pl IMSend Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11215/info A cross-site scripting vulnerability is reported in the YaBB forum 'YaBB.pl' script. As a result, it is possible for a remote attacker to create a malicious link to the affected page of a site hosting the web...
yabb-lfi.txt
Local File Include Vulnerabilities Problem: Local File Include Vulnerabilities Product: YaBB 1,640,000 clients 2. Local File Include I found many bugs like it in this board.Bugs relate one special variable for user$language, you can edit this variable in your profile. Examples, where I found bugs...
[Full-disclosure] iDefense Security Advisory 06.12.07: YaBB Forum member.vars CRLF Injection Privilege Escalation Vulnerability
YaBB Forum member.vars CRLF Injection Privilege Escalation Vulnerability iDefense Security Advisory 06.12.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jun 12, 2007 I. BACKGROUND YaBB Yet another Bulletin Board is an Open Source community forum system written in Perl. More information...
yabbXSS.txt
PersianHacker.NET 200503-08 YaBB2 rc1 XSS Vulnerability Date: 2005 March Bug Number: 08 bid:12756 YaBB is a leading free forum software package that rivals any professional message board out there. It provides a real-time chat and support system for your visitors. More info @:...
YaBB 1.x/9.1.2000 - 'YaBB.pl IMSend' Cross-Site Scripting
source: https://www.securityfocus.com/bid/11215/info A cross-site scripting vulnerability is reported in the YaBB forum 'YaBB.pl' script. As a result, it is possible for a remote attacker to create a malicious link to the affected page of a site hosting the web forum. The malicious link may conta...
YaBB 1.x9.1.2000 - YaBB.pl IMSend Cross-Site Scripting
YaBB 1.x9.1.2000 - YaBB.pl IMSend Cross-Site Scripting source: https://www.securityfocus.com/bid/11215/info A cross-site scripting vulnerability is reported in the YaBB forum 'YaBB.pl' script. As a result, it is possible for a remote attacker to create a malicious link to the affected page of a...
YaBB 1 Gold SP 1 - 'YaBB.pl' Cross-Site Scripting
source: https://www.securityfocus.com/bid/6272/info A cross-site scripting vulnerability has been reported in the YaBB forum. This vulnerability is due to insufficient sanitization of URI parameters in some scripts. As a result, it is possible for a remote attacker to create a malicious link to t...
YaBB 1.40/1.41 - Login Cross-Site Scripting
source: https://www.securityfocus.com/bid/6004/info A cross-site scripting vulnerability has been reported in the YaBB Yet Another Bulletin Board forum login script. HTML tags or script code are not sanitized from the error output of erroneous login attempts. As a result, it is possible for a...
YaBB 1.401.41 - Login Cross-Site Scripting
YaBB 1.401.41 - Login Cross-Site Scripting source: https://www.securityfocus.com/bid/6004/info A cross-site scripting vulnerability has been reported in the YaBB Yet Another Bulletin Board forum login script. HTML tags or script code are not sanitized from the error output of erroneous login...