Online Guestbook Pro 'ogp_show.php' Multiple Input Validation Vulnerabilities

An attacker can exploit these issues through a browser. To exploit a cross-site scripting vulnerability, the attacker must entice an unsuspecting user into visiting a malicious URI.

The following example URIs are available:

http://www.example.com/OGP/ogp_show.php?display=130&sort=&entry=10&search=[sqli]
http://www.example.com/OGP/ogp_show.php?display=130&sort=&entry=10&search=&search_choice=[xss]
http://www.example.com/OGP/ogp_show.php?display=130&sort=&entry=10&search=&search_choice=[html]


 

Privacy Statement
Copyright 2010, SecurityFocus