CVE-2002-0330

Openbb - XSS

Title source: rule

Description

Cross-site scripting vulnerability in codeparse.php of Open Bulletin Board (OpenBB) 1.0.0 allows remote attackers to execute arbitrary script and steal cookies via Javascript in the IMG tag.

Exploits (2)

exploitdb WORKING POC VERIFIED

by skizzik · textwebappsphp

https://www.exploit-db.com/exploits/21301

View Code ZIP pw:eip

exploitdb WRITEUP

webappsphp

https://www.exploit-db.com/exploits/21474

View Code ZIP pw:eip

References (5)

[Various Sources] http://community.iansoft.net/read.php?TID=5159

[Exploit, Patch, Vendor Advisory] http://www.iss.net/security_center/static/8278.php

[Third Party Advisory, VDB Entry] http://www.osvdb.org/5658

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/4171

[Mailing List] http://marc.info/?l=bugtraq&m=101466092601554&w=2

Scores

EPSS 0.0697

EPSS Percentile 91.5%

Details

Status published

Products (3)

openbb/openbb 1.0.0_beta1

openbb/openbb 1.0.0_rc1

openbb/openbb 1.0.0_rc2

Published Jun 25, 2002

Tracked Since Feb 18, 2026