Guestserver guestbook system vulnerabilities

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Guestserver guestbook system vulnerabilities
From: jaakko@xxxxxxxx
Date: 11 Dec 2005 17:42:30 -0000

The poor security and input validation at Guestserver versions below 5 ( there are still lots of them out there ) allow all HTML tags inside a message and it can be exploited as much as you want to.

http://www.stud.ntnu.no/~larsell/guestserver/

A Google Search for "Guestbook by  Guestserver - v4.12" for example comes up with tons of vulnerable sites.

Prev by Date: [ GLSA 200512-03 ] phpMyAdmin: Multiple vulnerabilities
Next by Date: Re: [Full-disclosure] [scip_Advisory] NetGear RP114 Flooding Denial ofService
Previous by thread: [ GLSA 200512-03 ] phpMyAdmin: Multiple vulnerabilities
Next by thread: oracle not only offeder - researchers NOT responsible?
Index(es):
- Date
- Thread

[Index of Archives] [Linux Security] [Netfilter] [PHP] [Yosemite News] [Linux Kernel]

Powered by Linux