CVE-2007-3208

CVE-2007-3208 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

CRLF injection vulnerability in Yet another Bulletin Board (YaBB) 2.1 allows remote attackers to obtain administrative access via requests to (1) register.pl or (2) profile.pl that write CRLF sequences to a .vars file. NOTE: this can be leveraged to execute arbitrary code.

Learn more about our Web Application Penetration Testing UK.