2 matches found
CVE-2008-0775
CVE-2008-0775 describes an XSS vulnerability in the SMF Shoutbox (versions 1.14–1.16b) where input to the shoutbox form that begins with "&#" and ends with ";" can inject arbitrary script/HTML. The root cause is insufficient input sanitization in sboxDB.php, allowing remote attackers to execute s...
CVE-2008-0775
Cross-site scripting XSS vulnerability in sboxDB.php in Simple Machines Forum SMF Shoutbox 1.14 through 1.16b allows remote attackers to inject arbitrary web script or HTML via strings to the shoutbox form that start with "&", contain the desired script, and end with ";"...