BaCkSpAcE

2 exploits Active since Nov 2004
CVE-2004-0291 EXPLOITDB text WORKING POC
Yabb - SQL Injection
SQL injection vulnerability in post.php for YaBB SE 1.5.4 and 1.5.5 allows remote attackers to obtain hashed passwords via the quote parameter.
CVE-2004-2754 EXPLOITDB java WORKING POC
Yabb SE - SQL Injection
SQL injection vulnerability in SSI.php in YaBB SE 1.5.4, 1.5.3, and possibly other versions before 1.5.5 allows remote attackers to execute arbitrary SQL commands via the ID_MEMBER parameter to the (1) recentTopics and (2) welcome functions.