Description
Cross-site scripting (XSS) vulnerability in member.php of XMBforum XMB 1.8.x (aka Partagium) allows remote attackers to insert arbitrary HTML and web script via the "member" parameter.
Exploits (2)
exploitdb
WORKING POC
VERIFIED
by Knight Commander · textwebappsphp
https://www.exploit-db.com/exploits/22820
References (4)
Core 4
Core References
Various Sources x_refsource_misc
http://forums.xmbforum.com/viewthread.php?tid=773046
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/7662
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=105363936402228&w=2
Various Sources x_refsource_misc
https://docs.xmbforum2.com/index.php?title=Security_Issue_History
Scores
EPSS
0.0056
EPSS Percentile
68.5%
Details
Status
published
Products (3)
xmb_forum/xmb
1.6
xmb_forum/xmb
1.8
xmb_forum/xmb
1.11
Published
Jun 16, 2003
Tracked Since
Feb 18, 2026