Yabb » Yabb : Security Vulnerabilities, CVEs, CVSS score >= 7

YaBB through 2.5.2: 'guestlanguage' Cookie Parameter Local File Include Vulnerability

CRLF injection vulnerability in Yet another Bulletin Board (YaBB) 2.1 allows remote attackers to obtain administrative access via requests to (1) register.pl or (2) profile.pl that write CRLF sequences to a .vars file. NOTE: this can be leveraged to execute arbitrary code.

SQL injection vulnerability in profile.php in YaBB SE 1.5.5 and earlier allows remote attackers to execute SQL commands via a double-encoded user parameter in a viewprofile action.

Cross-site request forgery (CSRF) vulnerability in YaBB 1 GOLD SP 1.3.2 allows remote attackers to perform unauthorized actions as the administrative user via a link or IMG tag to YaBB.pl that specifies the desired action, id, and moda parameters.

Unknown vulnerability in Adminedit.pl YaBB 1 Gold before 1.3.2 allows attackers to execute arbitrary code via settings.pl.

Multiple SQL injection vulnerabilities in YaBB SE 1.5.4 through 1.5.5b allow remote attackers to execute arbitrary SQL via (1) the msg parameter in ModifyMessage.php or (2) the postid parameter in ModifyMessage.php.

Cross-site scripting vulnerability in YaBB.cgi for Yet Another Bulletin Board (YaBB) 1 Gold SP1 and earlier allows remote attackers to execute arbitrary script as other web site visitors via script in the num parameter, which is not filtered in the resulting error message.

Cross-site scripting vulnerability in Yet Another Bulletin Board (YaBB) 1 Gold SP 1 and earlier allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag.

Directory traversal vulnerability in YaBB search.pl CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack in the "catsearch" form field.