Hi! Another php - board named ReBB (http://www.rebb.net) has a [img] vulnerability. Exploit: Use this string (my favorite :)) - [img]javascript:alert('test')[/img] Possible decision: All urls in [img] tag should start with http:// SliderGod
This archive was generated by hypermail 2b30 : Mon Mar 04 2002 - 13:08:59 PST