4 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in templates/default/admincp/attachmentsheader.php in DeluxeBB 1.1 allows remote attackers to inject arbitrary web script or HTML via the langlistofmatches parameter...
CVE-2008-0439
Cross-site scripting XSS vulnerability in templates/default/admincp/attachmentsheader.php in DeluxeBB 1.1 allows remote attackers to inject arbitrary web script or HTML via the langlistofmatches parameter...
CVE-2008-0439
Summary of CVE-2008-0439 : A cross-site scripting (XSS) vulnerability exists in DeluxeBB 1.1, specifically in templates/default/admincp/attachments_header.php, exploitable via the lang_listofmatches parameter. The issue allows remote attackers to inject arbitrary web script or HTML. The entry sou...
DeluxeBB 1.1 - attachments_header.php Cross-Site Scripting
DeluxeBB 1.1 - attachmentsheader.php Cross-Site Scripting source: https://www.securityfocus.com/bid/27401/info DeluxeBB is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...