Categories

Applications (222)
Blogs (7)
Content Management (148)
Customer Relationship (2)
Discussion Boards (29)
E-Commerce (14)
General Purpose Directories (2)
Image Galleries (18)
Mailing Lists (1)
Tips (3)
Vulnerabilities (337)
Access Bypass (50)
Cross Site Scripting (123)
Denial Of Service (2)
File Inclusion (51)
Information Disclosure (15)
Privilege Escalation (2)
Remote Command Execution (16)
Session Hijacking (2)
SQL Injection (130)
« KwsPHP “action” Local File Inclusion and Code Execution
miniBB XSS and SQL Injection »

MegaBBS SQLi and XSS

Published by TL Guan May 20th, 2008 in Cross Site Scripting and Discussion Boards.

Application: MegaBBS
Affected Version: version 2.2 and other versions.
Vendor’s URL: MegaBBS
Bug Type: Cross Site Scripting
Risk Level: Medium

Solution:
Edit the source code to ensure that input is properly sanitized.

Subscribe

Latest

Archives



Valid XHTML 1.0 Transitional