Description
Cross-site scripting vulnerability in board.php of endity.com ShoutBOX allows remote attackers to inject arbitrary HTML into the shoutbox page via the site parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by delusion · textwebappsphp
https://www.exploit-db.com/exploits/21668
References (4)
Core 4
Core References
Vendor Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/9739.php
URL Repurposed x_refsource_misc
http://endity.com/board/index.php?act=ST&f=3&t=68&s=363128162825b2d7fcf60c9cd2a292fe
Exploit, Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/5354
Exploit, Patch, Vendor Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-07/0389.html
Scores
EPSS
0.0505
EPSS Percentile
89.9%
Details
Status
published
Products (1)
endity.com/shoutbox
1.2
Published
Apr 11, 2003
Tracked Since
Feb 18, 2026