Yabb: >> Yabb Se Security Vulnerabilities
SQL injection vulnerability in SSI.php in YaBB SE 1.5.4, 1.5.3, and possibly other versions before 1.5.5 allows remote attackers to execute arbitrary SQL commands via the ID_MEMBER parameter to the (1) recentTopics and (2) welcome functions.
CVSS Score
7.5
EPSS Score
0.014
Published
2004-12-31