|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Justin (jwgolihew
cs.millersville.edu)Date: Tue Feb 26 2002 - 20:05:07 CST
Snitz Forums 2000, another free bulletin board software is also vulnerable.
-----Original Message-----
From: godminus [mailto:godminusowns.com]
Sent: Tuesday, February 26, 2002 1:24 PM
To: bugtraqsecurityfocus.org
Subject: Re: Open Bulletin Board javascript bug.
> OpenBB is free php-based forum.
>
> Exploit:
> [img]javasCript:alert('Hello world.')[/img]
>
> Vulnerable systems:
> All versions of Open Bulletin Board including
> v.1.0.0
>
> Immune systems:
> None
>
> Solution:
> All url's in [img] tags should start
> with "http://"
>
> Yurij Rumiantsev
Ikonboard version 3.0.1 is vulnerable for the same bug
-- godminus
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]