[] NeoSense
E X P L O I T S
title author type platform port cve id

OpenBB 1.0 - 'board.php' Cross-Site Scripting

Author: gr00vy
type: webapps
platform: php
port: 
date_added: 2003-12-27 
date_updated: 2012-12-18 
verified: 1 
codes: OSVDB-3220 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/9303/info

OpenBB is prone to a cross-site scripting vulnerability in the 'board.php' script. The source of the problem is that HTML and script code are not adequately sanitized from input supplied via URI parameters. This input will be included in dynamically generated web pages. A remote attacker could exploit this issue by embedding hostile HTML and script code in a malicious link to the vulnerable script.

http://www.example.com/board.php?FID=%3Cscript%3Ealert(document.cookie)%3C/script%3E
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.