30 matches found
EUVD-2002-2274
Malware in sbrugna...
EUVD-2004-2393
Malware in sbrugna...
EUVD-2002-1824
Malware in sbrugna...
EUVD-2013-2039
Malware in sbrugna...
EUVD-2005-4421
Malware in sbrugna...
EUVD-2002-0117
Malware in sbrugna...
EUVD-2002-1825
Malware in sbrugna...
CVE-2013-2057
YaBB through 2.5.2: 'guestlanguage' Cookie Parameter Local File Include Vulnerability...
CVE-2002-1846
Yet Another Bulletin Board YaBB 1.40 and 1.41 does not require a user to submit the correct password before changing it to a new password, which allows remote attackers to modify passwords by stealing the cookie of another user, modifying the expiretime setting, and submitting the change in a...
YaBB 2.0 - Remote UsersRecentPosts Cross-Site Scripting
YaBB 2.0 - Remote UsersRecentPosts Cross-Site Scripting source: https://www.securityfocus.com/bid/12756/info A remote cross-site scripting vulnerability affects YaBB. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically...
YaBB < 2.1 YaBB.pl username Parameter XSS
Binary data 2685.prm...
YaBB 2.0 - Remote UsersRecentPosts Cross-Site Scripting
source: https://www.securityfocus.com/bid/12756/info A remote cross-site scripting vulnerability affects YaBB. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically generated Web content. An attacker may leverage this issue...
CVE-2004-2140
CRLF injection vulnerability in YaBB 1 Gold before 1.3.2 allows remote attackers to modify text file contents via the subject variable...
YaBB 1.x9.1.2000 - Administrator Command Execution
YaBB 1.x9.1.2000 - Administrator Command Execution source: https://www.securityfocus.com/bid/11214/info It is reported that YaBB is affected by an administrator command execution vulnerability. This issue is due to a failure of the application to properly validate access to administrative command...
YaBB YaBB.cgi num Parameter XSS
Binary data 1638.prm...
CVE-2004-1982
Post.pl in YaBB 1 Gold SP 1.2 allows remote attackers to modify records in the board's .txt file via carriage return characters in the subject field...
CVE-2004-0294
YaBB 1 SP 1.3.1 displays different error messages when a user exists or not, which makes it easier for remote attackers to identify valid users and conduct a brute force password guessing attack...
YaBBXSS.txt
Advisory Name : YaBB/YaBBse Cross Site Scripting Vulnerability Release Date : Mar 14,2004 Application : YaBB/YaBBse Test On : YaBB 1 GoldSP1.3 YaBB SE 1.5.1 Final Vendor URL : http://www.yabbforum.com/ http://www.yabbse.org/ Discover : Cheng Peng Suapplesoupatmsn.com Proof of conecpt: The problem...
YaBB/YaBBse Cross Site Scripting Vulnerability
Advisory Name : YaBB/YaBBse Cross Site Scripting Vulnerability Release Date : Mar 14,2004 Application : YaBB/YaBBse Test On : YaBB 1 GoldSP1.3 YaBB SE 1.5.1 Final Vendor URL : http://www.yabbforum.com/ http://www.yabbse.org/ Discover : Cheng Peng Suapplesoupatmsn.com Proof of conecpt: The problem...
CVE-2002-1846
Yet Another Bulletin Board YaBB 1.40 and 1.41 does not require a user to submit the correct password before changing it to a new password, which allows remote attackers to modify passwords by stealing the cookie of another user, modifying the expiretime setting, and submitting the change in a...