Opencosmo Security http://www.opencosmo.com Author: Alfredo Panzera, Opencosmo Security Vendor: phpBB.com Version: 2.0.22 Exploit: Go to http://[website]/forum/admin/admin_groups.php and into 'Group description:' insert your XSS.