CVE-2004-0343 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2004-0343

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Multiple SQL injection vulnerabilities in YaBB SE 1.5.4 through 1.5.5b allow remote attackers to execute arbitrary SQL via (1) the msg parameter in ModifyMessage.php or (2) the postid parameter in ModifyMessage.php.

Affected Software

Name	Vendor	Start Version	End Version
Yabb	Yabb	1.5.4 (including)	1.5.4 (including)
Yabb	Yabb	1.5.5 (including)	1.5.5 (including)
Yabb	Yabb	1.5.5b (including)	1.5.5b (including)

References

http://marc.info/?l=bugtraq\u0026m=107816202813083\u0026w=2
http://www.securityfocus.com/bid/9774
https://exchange.xforce.ibmcloud.com/vulnerabilities/15354
http://marc.info/?l=bugtraq\u0026m=107816202813083\u0026w=2
http://www.securityfocus.com/bid/9774
https://exchange.xforce.ibmcloud.com/vulnerabilities/15354