Home page logo
/

bugtraq logo Bugtraq mailing list archives

Open Bulletin Board javascript bug.
From: skizzik () imail ru
Date: Mon, 25 Feb 2002 20:13:18 +0300

   OpenBB is free php-based forum.  

   Exploit:
   [img]javasCript:alert('Hello world.')[/img]

   Vulnerable systems:
   All versions of Open Bulletin Board including 
v.1.0.0 

   Immune systems:
   None

   Solution:
   All url's in [img] tags should start  
with "http://"; 

                                     Yurij Rumiantsev  


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]