bug:local file include & multiples permanent xss
error sql :
xss permanent :
you will get your cookie stealed direcly .
those xss are a serious security issue for a forum , because they are permanent .
local file include :
also once the attacker have stoolen the cookie , then he will get admin ,
in the administration there's a local file include here :
laurent gaffi=E9 & benjamin moss=E9