bug:local file include & multiples permanent xss
error sql :
xss permanent :
you will get your cookie stealed direcly .
those xss are a serious security issue for a forum , because they are permanent .
local file include :
also once the attacker have stoolen the cookie , then he will get admin ,
in the administration there's a local file include here :
laurent gaffi & benjamin moss
contact: saps.audit (at) gmail (dot) com [email concealed]