CVE-2004-0294 Information
Feb 14, 2021
cve
Description
YaBB 1 SP 1.3.1 displays different error messages when a user exists or not which makes it easier for remote attackers to identify valid users and conduct a brute force password guessing attack.
Reference
http://marc.info/?l=bugtraq&m=107703591314745&w=2 http://www.securityfocus.com/bid/9677 https://exchange.xforce.ibmcloud.com/vulnerabilities/15236
Share on: