Product: Led-Forums 
Versions: Beta 1 
URL: http://www.ledscripts.com
Vulnerability: XSS- and redirection-Bug 
Date: October 30, 2003 
Discovered by: ProXy <proxy@excluded.org> 

1. - XSS-Bug 

The welcome-message of the Led-Forums software could be changed by everybody. 
Normal text, HTML and javascript it's all allowed! :) 

eg: 
  http://host/~path/index.php?top_message=<script>alert(document.cookie)</script> 
  http://host/~path/index.php?top_message=<h1>OWNED?%20*g*</h1> 

--
2. - Redirection-Bug 

HTML-tags are allowed in topic-names as well as javascript. 
So if anybody insert the following JS-code in the topic-field of a new thread 
the complete forum-category would be redirected to the adress the attacker indicates. 

<script>window.location='http://www.excluded.org'</script> 


- ProXy 
- http://www.excluded.org