CVE-2004-0344

YaBB SE 1.5.4-1.5.5b - Unauthenticated Directory Traversal via ModifyMessage.php attachOld Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-0344. PoCs published by Alnitak & BackSpace.

AI-analyzed exploit summary: The provided text describes SQL injection and directory traversal vulnerabilities in YaBB SE versions 1.5.4, 1.5.5, and 1.5.5b. It includes an example URL demonstrating an SQL injection attack via the 'postid' parameter.

Description

Directory traversal vulnerability in ModifyMessage.php in YaBB SE 1.5.4 through 1.5.5b allows remote attackers to delete arbitrary files via a .. (dot dot) in the attachOld parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Alnitak & BackSpace · text · webapps · php
https://www.exploit-db.com/exploits/23774

Classification: Writeup 90%
Attack Type: SQLi
Complexity: Trivial
Reliability: Theoretical
Target: YaBB SE 1.5.4, 1.5.5, 1.5.5b
No auth needed
Prerequisites: Access to the vulnerable YaBB SE instance
mistral-large-3 · analyzed Feb 16, 2026

References (2)

Core References
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=107816202813083&w=2
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/9774

Scores

EPSS 0.0216
EPSS Percentile 79.9%

Details

Status published
Products (2)
yabb/yabb 1.5.5
yabb/yabb 1.5.5b
Published Nov 23, 2004
Tracked Since Feb 18, 2026