OpenBB Private Message Disclosure Vulnerability

No exploit is required to leverage this issue. The following proof of concept has been provided:

http:/www.example.com/forum/myhome.php?action=readmsg&id=[message_id]&box=inbox


 

Privacy Statement
Copyright 2010, SecurityFocus