Cross-site scripting (XSS) vulnerability in NextBBS 0.6 allows remote malicious users to inject arbitrary web script or HTML via the do parameter to index.php.
source: wwwsecurityfocuscom/bid/52728/info
NextBBS is prone to multiple SQL-injection vulnerabilities, a cross-site scripting vulnerability, and an authentication-bypass vulnerability
Exploiting these vulnerabilities could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify ...