Yabb: >> Yabb Se >> 0.8 Security Vulnerabilities
SQL injection vulnerability in SSI.php in YaBB SE 1.5.4, 1.5.3, and possibly other versions before 1.5.5 allows remote attackers to execute arbitrary SQL commands via the ID_MEMBER parameter to the (1) recentTopics and (2) welcome functions.
CVSS Score
7.5
EPSS Score
0.014
Published
2004-12-31