CVE-2002-0316

XMB Forum 1.6x - Cross-Site Scripting via IMG Tag

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-0316. PoCs published by skizzik.

AI-analyzed exploit summary This is a writeup describing a stored XSS vulnerability in Extreme Message Board (XMB) 1.6 Magic Lantern pre-beta. The vulnerability allows arbitrary JavaScript execution by embedding malicious code within [img] tags.

Description

Cross-site scripting vulnerability in eXtreme message board (XMB) 1.6x and earlier allows remote attackers to execute script as other XMB users by inserting the script into an IMG tag.

Exploits (1)

exploitdb WRITEUP VERIFIED
by skizzik · textwebappsphp
https://www.exploit-db.com/exploits/21300

This is a writeup describing a stored XSS vulnerability in Extreme Message Board (XMB) 1.6 Magic Lantern pre-beta. The vulnerability allows arbitrary JavaScript execution by embedding malicious code within [img] tags.

Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: Extreme Message Board (XMB) 1.6 Magic Lantern pre-beta
No auth needed
Prerequisites: Access to post a message on the forum
MITRE ATT&CK
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=101447886404876&w=2
Third Party Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/8262.php
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/4167

Scores

EPSS 0.0874
EPSS Percentile 94.5%

Details

Status published
Products (1)
xmb_software/xmb_forum 1.6_pre-beta
Published Jun 25, 2002
Tracked Since Feb 18, 2026