Vulnerabilities (CVE)

Filtered by vendor Yabb Subscribe
Filtered by product Yabb Se
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2004-2754 1 Yabb 1 Yabb Se 2024-11-20 7.5 HIGH N/A
SQL injection vulnerability in SSI.php in YaBB SE 1.5.4, 1.5.3, and possibly other versions before 1.5.5 allows remote attackers to execute arbitrary SQL commands via the ID_MEMBER parameter to the (1) recentTopics and (2) welcome functions.