Vikingboard Multiple Cross-Site Scripting Vulnerabilities

An attacker can exploit this issue using a browser.

The following proof-of-concept URIs are available:

http://www.example.com/viking/cp.php?mode=9&id=2[XSS-CODE]

http://www.example.com/viking/cp.php?mode=7&f=1[XSS-CODE]

http://www.example.com/viking/cp.php?mode=6"e=1[XSS-CODE]

http://www.example.com/viking/cp.php?mode=12&act=[XSS-CODE]

http://www.example.com/viking/user.php?u=2[XSS-CODE]

http://www.example.com/viking/help.php?act=guidelines[XSS-CODE]

http://www.example.com/viking/post.php?mode=00&f=1[XSS-CODE]&poll=0

http://www.example.com/viking/cp.php?mode=7&f=1

http://www.example.com/viking/report.php?p=2[XSS-CODE]

http://www.example.com/viking/topic.php?t=2&s=0[XSS-CODE]

http://www.example.com/viking/post.php?mode=03&t=2"e=2[XSS-CODE]

http://www.example.com/viking/post.php?mode=03&t=2[XSS-CODE]"e=2

http://www.example.com/viking/post.php?mode=00&f=1&poll=0[XSS-CODE]

http://www.example.com/viking/post.php?mode=02&p=2[XSS-CODE]


 

Privacy Statement
Copyright 2010, SecurityFocus