Cross-site request forgery (CSRF) vulnerability in YaBB 1 GOLD SP 1.3.2 allows remote attackers to perform unauthorized actions as the administrative user via a link or IMG tag to YaBB.pl that specifies the desired action, id, and moda parameters.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Yabb | Yabb | 2000-09-11 | 2000-09-11 |
Yabb | Yabb | 1.40 | 1.40 |
Yabb | Yabb | 1_gold_-_sp_1 | 1_gold_-_sp_1 |
Yabb | Yabb | 1_gold_-_sp_1.3.2 | 1_gold_-_sp_1.3.2 |
Yabb | Yabb | 1_gold_-_sp_1.3 | 1_gold_-_sp_1.3 |
Yabb | Yabb | 2000-09-01 | 2000-09-01 |
Yabb | Yabb | 1_gold_-_sp_1.2 | 1_gold_-_sp_1.2 |
Yabb | Yabb | 1.41 | 1.41 |
Yabb | Yabb | 1_gold_release | 1_gold_release |
Yabb | Yabb | 1_gold_-_sp_1.3.1 | 1_gold_-_sp_1.3.1 |