[] NeoSense
E X P L O I T S
title author type platform port cve id

MiniBB 1.2 - Cross-Site Scripting

Author: frog
type: webapps
platform: php
port: 
date_added: 2002-04-17 
date_updated: 2012-09-21 
verified: 1 
codes: OSVDB-86911 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/4619/info

MiniBB is web forum software. It is written in PHP and will run on most Unix and Linux variants as well as Microsoft Windows operating systems.

MiniBB does not filter script code from URL parameters, making it prone to cross-site scripting attacks.

This may enable a remote attacker to steal cookie-based authentication credentials from legitimate users of a website running MiniBB.

http://target/forums/index.php?action=search&searchFor="><script>alert("test")</script >
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.