CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-0294

YaBB 1 SP 1.3.1 displays different error messages when a user exists or not, which makes it easier for remote attackers to identify valid users and conduct a brute force password guessing attack.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.01

EPSS Ranking 75.9%

CVSS Severity

CVSS v2 Score 5.0

References

http://marc.info/?l=bugtraq&m=107703591314745&w=2
http://www.securityfocus.com/bid/9677
https://exchange.xforce.ibmcloud.com/vulnerabilities/15236
http://marc.info/?l=bugtraq&m=107703591314745&w=2
http://www.securityfocus.com/bid/9677
https://exchange.xforce.ibmcloud.com/vulnerabilities/15236

Products affected by CVE-2004-0294

Yabbforumsoftware » Yet Another Bulletin Board » Version: 1.0

cpe:2.3:a:yabbforumsoftware:yet_another_bulletin_board:1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-0294

Products

Pricing

Contact Us