CVE-2004-2403

Published: Aug 17, 2005

Modified: Aug 8, 2024

PUBLISHED

Description

Cross-site request forgery (CSRF) vulnerability in YaBB 1 GOLD SP 1.3.2 allows remote attackers to perform unauthorized actions as the administrative user via a link or IMG tag to YaBB.pl that specifies the desired action, id, and moda parameters.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

12593

third-party-advisory

x_refsource_SECUNIA

11214

vdb-entry

x_refsource_BID

yabb-administrative-bypass(17453)

vdb-entry

x_refsource_XF

20040916 RE: www.proboards.com / YaBB XSS Vuln

mailing-list

x_refsource_BUGTRAQ

10243

vdb-entry

x_refsource_OSVDB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2004-2403

Description

Affected Products

References