MySmartBB 1.1.x - Cross-Site Scripting via id or username Parameter
Multiple cross-site scripting (XSS) vulnerabilities in misc.php in MySmartBB 1.1.x allow remote attackers to inject arbitrary web script or HTML via the (1) id and (2) username parameters.