Cross-site scripting (XSS) vulnerability in index.php in Yet another Bulletin Board (YaBB) allows remote attackers to inject arbitrary web script or HTML via the categories parameter.
Max CVSS
6.8
EPSS Score
0.71%
Published
2006-08-16
Updated
2018-10-17
Cross-site scripting (XSS) vulnerability in usersrecentposts in YaBB 2.0 rc1 allows remote attackers to inject arbitrary web script or HTML via the username parameter.
Max CVSS
4.3
EPSS Score
0.31%
Published
2005-05-02
Updated
2017-07-11
Cross-site scripting (XSS) vulnerability in YaBB.pl for YaBB 2.0 RC1 allows remote attackers to inject arbitrary web script or HTML via the username parameter in a usersrecentposts action.
Max CVSS
4.3
EPSS Score
0.19%
Published
2005-03-08
Updated
2008-09-05
Cross-site scripting (XSS) vulnerability in YaBB.pl in YaBB 1 GOLD SP 1.3.2 allows remote attackers to inject arbitrary web script or HTML via a hex-encoded to parameter. NOTE: some sources say that the board parameter is affected, but this is incorrect.
Max CVSS
4.3
EPSS Score
1.24%
Published
2004-12-31
Updated
2017-07-11
Cross-site scripting (XSS) vulnerability in YaBB 1 Gold(SP1.3) and YaBB SE 1.5.1 Final allows remote attackers to inject arbitrary web script via the background:url property in (1) glow or (2) shadow tags.
Max CVSS
4.3
EPSS Score
0.82%
Published
2004-03-15
Updated
2017-07-11
Cross-site scripting (XSS) vulnerabilities in Yet Another Bulletin Board (YaBB) 1.5.0 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via cookies by injecting arbitrary HTML or script into (1) news_icon of news_template.php, and (2) threadid and subject of index.html
Max CVSS
4.3
EPSS Score
0.21%
Published
2003-12-31
Updated
2008-09-05
Cross-site scripting (XSS) vulnerability in YaBB.pl in Yet Another Bulletin Board (YaBB) 1 Gold SP 1 allows remote attackers to inject arbitrary web script or HTML via the num parameter.
Max CVSS
4.3
EPSS Score
0.22%
Published
2002-12-31
Updated
2017-07-29
Cross-site scripting (XSS) vulnerability in index.php in Yet Another Bulletin Board (YaBB) 1.40 and 1.41 allows remote attackers to inject arbitrary web script or HTML via the password (passwrd) parameter.
Max CVSS
4.3
EPSS Score
0.44%
Published
2002-12-31
Updated
2008-09-05
Cross-site scripting vulnerability in YaBB.cgi for Yet Another Bulletin Board (YaBB) 1 Gold SP1 and earlier allows remote attackers to execute arbitrary script as other web site visitors via script in the num parameter, which is not filtered in the resulting error message.
Max CVSS
7.5
EPSS Score
3.09%
Published
2002-10-04
Updated
2008-09-05
Cross-site scripting vulnerability in Yet Another Bulletin Board (YaBB) 1 Gold SP 1 and earlier allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag.
Max CVSS
7.5
EPSS Score
9.40%
Published
2002-03-25
Updated
2008-09-05
10 vulnerabilities found