CVE-2008-3668

The exploit demonstrates a reflected XSS vulnerability in Yogurt Social Network 3.2 rc1 by injecting a script tag into the 'uid' parameter of the album.php module. The lack of input sanitization allows arbitrary JavaScript execution in the context of the affected site.

The exploit demonstrates a reflected XSS vulnerability in Yogurt Social Network 3.2 rc1 by injecting a script tag into the 'uid' parameter of the friends.php module. The PoC shows how arbitrary JavaScript can be executed in the context of the affected site.

The exploit demonstrates a reflected XSS vulnerability in Yogurt Social Network by injecting a script tag into the 'uid' parameter of the tribes.php module. The lack of input sanitization allows arbitrary JavaScript execution in the context of the affected site.

The exploit demonstrates a reflected XSS vulnerability in Yogurt Social Network by injecting a script tag into the 'uid' parameter of the scrapbook.php module. The lack of input sanitization allows arbitrary JavaScript execution in the context of the affected site.

The exploit demonstrates a reflected XSS vulnerability in Yogurt Social Network 3.2 rc1 by injecting a script tag into the 'uid' parameter of the 'seutubo.php' module. The lack of input sanitization allows arbitrary JavaScript execution in the context of the affected site.

The exploit demonstrates a reflected XSS vulnerability in Yogurt Social Network by injecting a script tag into the 'uid' parameter of the index.php file. The lack of input sanitization allows arbitrary JavaScript execution in the context of the affected site.