It seems to me that your site is vulnrable. If you allow me, I can test it and give u the suggestions.

-Stack

Hello stack and welcome to CCSP. Wishing that you enjoy your stay.

If there are any vulnerablities to your finding please submit your results with full details to the site Admin. His name is Paul and he shall contact you a.s.a.p.


Admin Contact:
Paul Laudanski
paul{-AT-}computercops.biz

Thank you,

-cj.-
______

Ok...i will e-mail him..thx..

-Stack

Glad to have you on board and active on site!

Thanks for posting!

Yes replied to the email. My question is, what leads you to suspect there is a vulnerability?

Glad to see such a wonderful and practical admin !!

-Stack it..

<b onMouseOver="alert(document.location);">Here is a poosible exploit !! Move ur mouse here and you will see something. A malicious user can possibly exploit this. Disable HTML codes!!</b>

It's possible to write such a code to steal cookie of another users using this html-code exploit.

-Stack..

Also..why don't u update to phpBB 2.0.3 ? There may be other bugs in older version.

-Stack..

Hmm, I thought I disabled HTML completely. Well now it is. I've been too caught up in my daily work schedule to upgrade the site so I've been patching and locking things down in the meantime.

I am expecting some time in January to begin upgrading the software.