Google Search: “YaBB SE Dev Team”
Admin rates this entry 6 out of 10.
Submitted: 2004-03-04 14:36:03
Added by: Admin
Yet Another Bulletin Board (YABB) SE (versions 1.5.4 and 1.5.5 and perhaps others) contain an SQL injection vulnerability which may allow several attacks including unauthorized database modification or viewing. See http://www.securityfocus.com/bid/9674for more information. Also see http://www.securityfocus.com/bid/9677for information about an information leakage vulnerability in versions YaBB Gold – Sp 1.3.1 and others.