2 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in u2u.php in XMB Forums 1.9.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter, as demonstrated using a URL-encoded iframe tag...
CVE-2006-0779
CVE-2006-0779 concerns a cross-site scripting (XSS) vulnerability in XMB Forums (u2u.php) affecting 1.9.3 and earlier. The flaw allows remote attackers to inject arbitrary script/HTML via the username parameter, demonstrated with a URL-encoded iframe tag. Affected component: u2u.php; vulnerabilit...