Description
Cross-site scripting (XSS) vulnerabilities in Ekinboard 1.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter in profile.php and (2) titles of posts.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by trueend5 · textwebappsphp
https://www.exploit-db.com/exploits/26516
References (7)
Core 7
Core References
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/15447
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/17569
Exploit, Vendor Advisory vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1015207
URL Repurposed x_refsource_misc
http://irannetjob.com/content/view/162/28/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/15443
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/20844
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2005/2419
Scores
EPSS
0.0076
EPSS Percentile
73.4%
Details
Status
published
Products (1)
ekinboard/ekinboard
1.0.3
Published
Nov 16, 2005
Tracked Since
Feb 18, 2026