Summary
The remote host seems to be running OpenBB, a forum management system written in PHP.
The remote version of this software is vulnerable to cross-site scripting attacks, through the script 'board.php'.
Using a specially crafted URL, an attacker can cause arbitrary code execution for third party users, thus resulting in a loss of integrity of their system.
Solution
Upgrade to the latest version of this software.
Severity
Classification
-
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- @Mail 'admin.php' Cross-Site Scripting Vulnerabilities
- Advanced Image Hosting Cross Site Scripting Vulnerability
- Adobe BlazeDS XML and XML External Entity Injection Vulnerabilities
- Apache Solr XML External Entity(XXE) Vulnerability-01 Jan-14
- AeroMail Cross Site Request Forgery, HTML Injection and Cross Site Scripting Vulnerabilities