Yapbb · Yapbb · CVE-2006-2486
**Name of the Vulnerable Software and Affected Versions**
YapBB versions 1.2 Beta2 and earlier
**Description**
The issue allows remote attackers to execute arbitrary SQL commands via the `userID` parameter in the "find.php" file.
**Recommendations**
For YapBB versions 1.2 Beta2 and earlier, avoid using the `userID` parameter in the affected find.php file until the issue is resolved.