Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Open Bulletin Board javascript bug.
From: godminus <godminus () owns com>
Date: Tue, 26 Feb 2002 20:24:29 +0200

  OpenBB is free php-based forum.  

  Exploit:
  [img]javasCript:alert('Hello world.')[/img]

  Vulnerable systems:
  All versions of Open Bulletin Board including 
  v.1.0.0 

 Immune systems:
  None

  Solution:
  All url's in [img] tags should start  
  with "http://"; 

                                   Yurij Rumiantsev  

Ikonboard version 3.0.1 is vulnerable for the same bug

 -- godminus




  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault