CVE-2004-0291

  • Last update: Apr 13, 2023

Description

SQL injection vulnerability in post.php for YaBB SE 1.5.4 and 1.5.5 allows remote attackers to obtain hashed passwords via the quote parameter.

Software From Fixed in
yabb / yabb 1.5.4 1.5.4.x
yabb / yabb 1.5.5 1.5.5.x

Details

    • Severity: Medium
  • CVE: CVE-2004-0291
  • Published: Nov 23, 2004
  • Updated: Apr 13, 2023
  • Exploit:

CVSS v2

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:P/I:N/A:N