RSS   Vulnerabilities for 'Yabb se'   RSS

2004-12-31
 
CVE-2004-2754

 

 
SQL injection vulnerability in SSI.php in YaBB SE 1.5.4, 1.5.3, and possibly other versions before 1.5.5 allows remote attackers to execute arbitrary SQL commands via the ID_MEMBER parameter to the (1) recentTopics and (2) welcome functions.

 

 >>> Vendor: YABB 2 Products
YABB
Yabb se


Copyright 2019, cxsecurity.com

 

Back to Top