Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (29 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-2140 1 Yabb 1 Yabb 2026-04-16 N/A
CRLF injection vulnerability in YaBB 1 Gold before 1.3.2 allows remote attackers to modify text file contents via the subject variable.
CVE-2004-2754 1 Yabb 1 Yabb Se 2026-04-16 N/A
SQL injection vulnerability in SSI.php in YaBB SE 1.5.4, 1.5.3, and possibly other versions before 1.5.5 allows remote attackers to execute arbitrary SQL commands via the ID_MEMBER parameter to the (1) recentTopics and (2) welcome functions.
CVE-2002-0117 1 Yabb 1 Yabb 2026-04-16 N/A
Cross-site scripting vulnerability in Yet Another Bulletin Board (YaBB) 1 Gold SP 1 and earlier allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag.
CVE-2000-0853 1 Yabb 1 Yabb 2026-04-16 N/A
YaBB Bulletin Board 9.1.2000 allows remote attackers to read arbitrary files via a .. (dot dot) attack.
CVE-2004-1827 2 Simple Machines, Yabb 2 Simple Machines Smf, Yabb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in YaBB 1 Gold(SP1.3) and YaBB SE 1.5.1 Final allows remote attackers to inject arbitrary web script via the background:url property in (1) glow or (2) shadow tags.
CVE-2004-2139 1 Yabb 1 Yabb 2026-04-16 N/A
Unknown vulnerability in Adminedit.pl YaBB 1 Gold before 1.3.2 allows attackers to execute arbitrary code via settings.pl.
CVE-2004-0344 1 Yabb 1 Yabb 2026-04-16 N/A
Directory traversal vulnerability in ModifyMessage.php in YaBB SE 1.5.4 through 1.5.5b allows remote attackers to delete arbitrary files via a .. (dot dot) in the attachOld parameter.
CVE-2005-0785 1 Yabb 1 Yabb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in usersrecentposts in YaBB 2.0 rc1 allows remote attackers to inject arbitrary web script or HTML via the username parameter.
CVE-2013-2057 1 Yabb 1 Yabb 2024-11-21 9.8 Critical
YaBB through 2.5.2: 'guestlanguage' Cookie Parameter Local File Include Vulnerability