bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/21479.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

10 lines
No EOL
777 B
Text
Raw Blame History

source: https://www.securityfocus.com/bid/4824/info
OpenBB is web forum software written in PHP. It will run on most Linux and Unix variants, in addition to Microsoft Windows operating systems.
It has been reported that OpenBB is vulnerable to a cross-site scripting attack.
Attackers may exploit this vulnerability by constructing a link to one of these scripts containing malicious script code. If the link is sent to a OpenBB user and clicked on, the attacker-supplied script code will run in the context of the user's OpenBB session. The script code may obtain cookie values or perform unauthorized actions as the victim user.
http://targetsite/myhome.php?action=messages&box=<form%20name=a><input%20name=i%20value=XSS></form>
<script>alert(document.a.i.value)</script>
Reference in a new issue View git blame Copy permalink