CRLF injection vulnerability in Yet another Bulletin Board (YaBB) 2.1 allows remote attackers to obtain administrative access via requests to (1) register.pl or (2) profile.pl that write CRLF sequences to a .vars file. NOTE: this can be leveraged to execute arbitrary code.
References
Configurations
History
07 Nov 2023, 02:00
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2007-06-14 19:30
Updated : 2024-02-28 11:01
NVD link : CVE-2007-3208
Mitre link : CVE-2007-3208
CVE.ORG link : CVE-2007-3208
JSON object : View
Products Affected
yabb
- yabb
CWE