Vulnerabilities

CVE-2007-3208

by Fred · 14/06/2007

CRLF injection vulnerability in Yet another Bulletin Board (YaBB) 2.1 allows remote attackers to obtain administrative access via requests to (1) register.pl or (2) profile.pl that write CRLF sequences to a .vars file. NOTE: this can be leveraged to execute arbitrary code.

Date published : 2007-06-14

http://www.securityfocus.com/bid/24455

http://www.yabbforum.com/community/?board=general;action=display;num=1181678785

Similar

Tags: Cybersecurity Alert