CVE-2009-4554

This exploit demonstrates multiple XSS vulnerabilities in Snitz Forums 2000 version 3.4.07, including persistent XSS via the [sound] tag and reflected XSS via a crafted URL. The PoC uses simple JavaScript payloads to trigger alerts with document.cookie.

This exploit demonstrates a cross-site scripting (XSS) vulnerability in Snitz Forums 2000 by injecting malicious JavaScript code via the 'url' parameter in the 'pop_send_to_friend.asp' page. The payload triggers an alert with the document cookie, proving the vulnerability.

This exploit demonstrates a cross-site scripting (XSS) vulnerability in Snitz Forums 2000 by injecting malicious JavaScript code via the [sound] BBCode tag. The payload executes an alert with the user's cookies, proving arbitrary script execution in the context of the affected site.