CVE-2002-0955

Published: Oct 4, 2002Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Cross-site scripting vulnerability in YaBB.cgi for Yet Another Bulletin Board (YaBB) 1 Gold SP1 and earlier allows remote attackers to execute arbitrary script as other web site visitors via script in the num parameter, which is not filtered in the resulting error message.

Affected (1)

Products: Yabb: Yabb

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Yabb Yabb	Version 1_gold_sp_1

References (6)

http://archives.neohapsis.com/archives/bugtraq/2002-06/0261.html

Source: cve@mitre.org

http://www.iss.net/security_center/static/9408.php

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/5078

Source: cve@mitre.org

ExploitVendor Advisory

http://archives.neohapsis.com/archives/bugtraq/2002-06/0261.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.iss.net/security_center/static/9408.php

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/5078

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitVendor Advisory

Timeline

No history available yet.