Okay,

These forums are writen in ASP, Active Server Pages.

UBB is writen in Perl.

ASP is a microsoft server side scripting language. To find out how secure your forums are I would first learn ASP. Then study the code and look at how variables are passed. Now read any and all security bullitens dealing with ASP and Snitz Forums 2000.

Sometimes a language will comeout with a exploit in how variables are passed. That could and usally is a big hole in security on boards.

Second the Logon and password, how are they sent to the server? Is SSL used for the connection, or is is plain text all the way to the server. That is a big weakness.

Break down

http://www.brunns-skola.org/piren/forum/forum.asp?FORUM_ID=5

Root directory of the site
http://www.brunns-skola.org

Some blank page, Little html/javascript code to make it.
http://www.brunns-skola.org/piren
Code:
<link rel="stylesheet" href="stil.css" type="text/css">

<script language="JavaScript" src="bada.asp?id=1"></script>
Root directory of the Board
http://www.brunns-skola.org/piren/forum

This seems to actually include default.asp
you can get to the same page using both the below URLS
http://www.brunns-skola.org/piren/forum/forum.asp
http://www.brunns-skola.org/piren/forum/default.asp

This opens the Elever - diskussion forum, which was the 5th forum the web master created. Hence Forum_ID=5
http://www.brunns-skola.org/piren/forum/forum.asp?FORUM_ID=5

I hope I am helping.
_________________________
http://promodtecnologies.com/rrfn