CVE-2003-1184

Name of the Vulnerable Software and Affected Versions ThWboard versions 2.8 through 2.81

Description The issue allows remote attackers to inject arbitrary web script or HTML via several vectors, including time in board.php, the profile Homepage-Feld, pictures, and other diverse XSS bugs.

Recommendations For ThWboard versions 2.8 through 2.81, consider disabling the affected features, such as the profile Homepage-Feld and picture uploads, until a fix is available. Restrict access to board.php to minimize the risk of exploitation. Avoid using the time variable in board.php until the issue is resolved.