Vikingboard post.php Multiple Variable XSS

2007-07-25T00:00:00
ID OSVDB:37355
Type osvdb
Reporter Lostmon(Lostmon@gmail.com)
Modified 2007-07-25T00:00:00

Description

Manual Testing Notes

http://[target]/viking/post.php?mode=00&f=1[XSS-CODE]&poll=0 http://[target]/viking/post.php?mode=03&t=2"e=2[XSS-CODE] http://[target]/viking/post.php?mode=03&t=2[XSS-CODE]"e=2 http://[target]/viking/post.php?mode=00&f=1&poll=0[XSS-CODE] http://[target]/viking/post.php?mode=02&p=2[XSS-CODE]

References:

Secunia Advisory ID:26196 Related OSVDB ID: 37352 Related OSVDB ID: 37356 Related OSVDB ID: 37357 Related OSVDB ID: 37354 Other Advisory URL: http://secwatch.org/advisories/1018567/ Other Advisory URL: http://lostmon.blogspot.com/2007/07/vikingboard-multiple-cross-site.html ISS X-Force ID: 35599 ISS X-Force ID: 35601 CVE-2007-4088 Bugtraq ID: 25056