Post.pl in YaBB 1 Gold SP 1.2 allows remote attackers to modify records in the boards .txt file via carriage return characters in the subject field.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Yabb |
Yabb |
1_gold_-_sp_1 |
1_gold_-_sp_1 |
Yabb |
Yabb |
1_gold_-_sp_1.2 |
1_gold_-_sp_1.2 |
References