CVE-2007-1903 | Vulnerability Database | Aqua Security

Cross-site scripting (XSS) vulnerability in search.php in SonicBB 1.0 allows remote attackers to inject arbitrary web script or HTML via the part parameter.

Affected Software

Name	Vendor	Start Version	End Version
Sonicbb	Sonicbb	1.0 (including)	1.0 (including)

References

http://marc.info/?l=full-disclosure\u0026m=117914615830702\u0026w=2
http://secunia.com/advisories/25279
http://www.netvigilance.com/advisory0020
http://www.osvdb.org/34042
http://www.securityfocus.com/archive/1/468537/100/0/threaded
http://www.securityfocus.com/bid/23963
http://www.vupen.com/english/advisories/2007/1816
https://exchange.xforce.ibmcloud.com/vulnerabilities/34256
http://marc.info/?l=full-disclosure\u0026m=117914615830702\u0026w=2
http://secunia.com/advisories/25279
http://www.netvigilance.com/advisory0020
http://www.osvdb.org/34042
http://www.securityfocus.com/archive/1/468537/100/0/threaded
http://www.securityfocus.com/bid/23963
http://www.vupen.com/english/advisories/2007/1816
https://exchange.xforce.ibmcloud.com/vulnerabilities/34256

NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-1903
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html