2 matches found
sbb-xss.txt
netVigilance Security Advisory 20 SonicBB version 1.0 XSS Attack Vulnerabilities Description: SonicBB is a user-friendly and fully customizable bulletin board package. SonicBB is compatible with any web server/operating system combo with PHP 4.x or higher installed.SonicBB is the ideal community...
CVE-2007-1903
SonicBB 1.0 is affected by CVE-2007-1903: a cross-site scripting (XSS) vulnerability in search.php via the part parameter. The issue allows remote attackers to inject arbitrary script/HTML; exploitation details indicate it can be triggered when PHP magic_quotes_gpc is Off. The advisory references...