BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Re: Simple Machines Forum "SMF Shoutbox" Mod Persistent XSS Mar 21 2008 08:36PM
vermsky motomoddinguk info
Here's the solution:

After you have installed the shoutbox please modify the file sboxDB.php.

Please search for

Code:

Code: [Select]

// handle special characters

$content = addslashes($piph . $content);

and replace this with

Code:

Code: [Select]

/...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus