Topic           : XSS possibility on every "onetwomax.de" forum
Author          : Iman Karim (iman.karim@smail.inf.fh-bonn-rhein-sieg.de)
                  http://home.inf.fh-rhein-sieg.de/~ikarim2s/
Bug Found       : 15 June 2006
Vendor          : http://www.onetwomax.de/
Vendor informed : NO!
XSS             : http://[FORUMID].forum.onetwomax.de/?action=[XSS]&id=[ANY]
Google Dork     : inurl:.forum.onetwomax.de/

Best Regards.