CyberSec.Space Logo
Back to CVE Browser

CVE-2002-0117

HIGH
7.5
CVSS Severity Score
EPSS Score0.1950%
EPSS Percentile18.62th
PublishedMar 25, 2002
Last ModifiedApr 16, 2026

Vulnerability Description

Cross-site scripting vulnerability in Yet Another Bulletin Board (YaBB) 1 Gold SP 1 and earlier allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag.

Affected Platforms (CPE)

πŸ“¦
Yabb

Yabb

= 0.01_release
πŸ“¦
Yabb

Yabb

= 0.01_sp1
πŸ“¦
Yabb

Yabb

= 2000-09-01
πŸ“¦
Yabb

Yabb

= 2000-09-11

References & Advisories

πŸ”— http://online.securityfocus.com/archive/1/249031
πŸ”— http://online.securityfocus.com/cgi-bin/vulns-item.pl?section=info&id=3828
πŸ”— http://www.iss.net/security_center/static/7840.php
πŸ”— http://www.osvdb.org/2019
πŸ”— http://www.yabbforum.com/
πŸ”— http://online.securityfocus.com/archive/1/249031
πŸ”— http://online.securityfocus.com/cgi-bin/vulns-item.pl?section=info&id=3828
πŸ”— http://www.iss.net/security_center/static/7840.php

Related Vulnerabilities

CVE-2004-240310.0

Cross-site request forgery (CSRF) vulnerability in YaBB 1 GOLD SP 1.3.2 allows remote attackers to perform unauthorized actions as...

CVE-2007-320810.0

CRLF injection vulnerability in Yet another Bulletin Board (YaBB) 2.1 allows remote attackers to obtain administrative access via ...

CVE-2004-034310.0

Multiple SQL injection vulnerabilities in YaBB SE 1.5.4 through 1.5.5b allow remote attackers to execute arbitrary SQL via (1) the...

CVE-2013-20579.8

YaBB through 2.5.2: 'guestlanguage' Cookie Parameter Local File Include Vulnerability