Ultimate PHP Board Board 1.0 final Beta – ‘viewtopic.php’ Cross-Site Scripting

Ultimate PHP Board Board 1.0 final Beta – ‘viewtopic.php’ Cross-Site Scripting

漏洞ID 1053635 漏洞类型
发布时间 2002-11-08 更新时间 2002-11-08
图片[1]-Ultimate PHP Board Board 1.0 final Beta – ‘viewtopic.php’ Cross-Site Scripting-安全小百科CVE编号 N/A
图片[2]-Ultimate PHP Board Board 1.0 final Beta – ‘viewtopic.php’ Cross-Site Scripting-安全小百科CNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/22076
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/6335/info

Ultimate PHP Board (UPB) is a freely available, open source PHP Bulletin Board. It is available for the Unix and Linux operating systems.

By passing a malicious script code to the viewtopic.php script, UPB may return the script code to the browser of the user visiting the malicious URL. This could lead to the execution of HTML and script code in the security context of the UPB site.

http://example.com/phorum/viewtopic.php?id=%3Cscript%3Ealert(document.cookie)%3C%2Fscript%3E&t_id=2

相关推荐: Multiple Vendor WEB-INF Directory Contents Disclosure Vulnerability

Multiple Vendor WEB-INF Directory Contents Disclosure Vulnerability 漏洞ID 1101820 漏洞类型 Access Validation Error 发布时间 2002-06-28 更新时间…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享