BSMAX 4.2 a xss on "action" parameter

Exploit for unknown platform in category web applications ===================================== BSMAX 4.2 a xss on "action" parameter ===================================== Affected Software : bbsmax:bbsmax:3.0 bbsmax:bbsmax:4.1 bbsmax:bbsmax:4.2 i found a xss on "action" parameter in "post.aspx" ...

[xss] a xss on "action" parameter in BBSMAX

i found a xss on "action" parameter in "post.aspx" in BBSMAX , it's "post.aspx?action=" Vulnerable: BBSMAX 4.2 BBSMAX 4.1 BBSMAX 3.0 For example: http://bbs.example.com/forum1/post.aspx?action=newthread"scriptalert/liscker//script BBSMAX Home Page : http://www.bbsmax.com/ BBSMAX is prone to an...

[xss] a xss on "threadid" parameter in BBSMAX

i found a xss on "threadid" parameter in "post.aspx" in BBSMAX , it's "post.aspx?action=reply&threadid=" Vulnerable: BBSMAX 4.2 BBSMAX 4.1 BBSMAX 3.0 For example: http://bbs.example.com/forum1/post.aspx?action=reply&threadid="scriptalert/liscker/;/script BBSMAX Home Page : http://www.bbsmax.com/...

Cross site scripting

Cross-site scripting XSS vulnerability in post.aspx in Max Network Technology BBSMAX 3.0, 4.1, and 4.2 allows remote attackers to inject arbitrary web script or HTML via the action parameter...

CVE-2010-0947

CVE-2010-0947 is a cross-site scripting (XSS) vulnerability affecting Max Network Technology BBSMAX versions 3.0, 4.1 and 4.2. The flaw exists in post.aspx and allows remote attackers to inject arbitrary web script or HTML via the action parameter. The NVD notes a MEDIUM severity (CVSS v2: AV:N/A...

CVE-2010-0947

Cross-site scripting XSS vulnerability in post.aspx in Max Network Technology BBSMAX 3.0, 4.1, and 4.2 allows remote attackers to inject arbitrary web script or HTML via the action parameter...