Cross-site scripting (XSS) vulnerability in viewforum.php in Ultimate PHP Board (UPB) 1.8 up to and including 1.9.6 allows remote malicious users to inject arbitrary web script or HTML via the postorder parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ultimate php board ultimate php board 1.9 |
||
ultimate php board ultimate php board 1.9.6 |
||
ultimate php board ultimate php board 1.8 |
||
ultimate php board ultimate php board 1.8.2 |