Description - BBcode XSS Vulnerability in NavBoard
Cross Site Scripting found in NavBoard script.
Arbitrary script code insertion is possible in BBcode.
Vulnerable Script: post.php
BBcode isn't properly sanitized. This can be used to post arbitrary script code which will be executed in the browser of every visitor.
Administrator's cookie-based authentication is threatened.
Login and plain text Password are stored in Cookies.
Administrator can modify PHP Code from Administrator's panel.
Order Source Code Review
Prevent hacker attacks by source code audit of your site or web application made by eVuln team.The work will be done by experts in website security.