Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in BBSXP 2008 SP2 allow remote attackers to inject arbitrary web script or HTML via the URI in a request to 1 AddPost.asp, 2 AddTopic.asp, 3 AdminDefault.asp, 4 Bank.asp, 5 Manage.asp, and 6 ShowPost.asp. NOTE: the provenance of this information i...

BBSXP论坛程序Manage.asp页面过滤不严导致SQL注入漏洞

漏洞描述： Manage.asp文件的ThreadID没有经过任何过滤便放入SQL语句中执行 导致注射漏洞发生 漏洞代码: % if CookieUserName=empty then error"您还未a href=""javascript:BBSXPModal.Open'Login.asp',380,170;""登录/a论坛" if RequestMethod "POST" then error"li提交方式错误！/lili您本次使用的是"& RequestMethod&"提交方式！/li" ForumID=RequestInt"ForumID"...

CVE-2006-1025

Cross-site scripting XSS vulnerability in manage.asp in Addsoft StoreBot 2002 Standard allows remote attackers to inject arbitrary web script or HTML via the ShipMethod parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

Cross site scripting

Cross-site scripting XSS vulnerability in manage.asp in Addsoft StoreBot 2002 Standard allows remote attackers to inject arbitrary web script or HTML via the ShipMethod parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2006-1025

The provided sources describe CVE-2006-1025 as a cross-site scripting (XSS) vulnerability in Addsoft StoreBot 2002 Standard, affecting the manage.asp page. The issue is exploitable by remote attackers who can inject arbitrary script/HTML via the ShipMethod parameter. Affected software/component: ...