Jbook Cross Site Scripting

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Jbook Cross Site Scripting
From: root__@xxxxxxxxxxxxx
Date: 10 Apr 2006 09:54:21 -0000

Title : Jbook Cross Site Scripting
Author: Mourad aka Psych0
Moroccan Security Team
Vendor: www.jmuller.net
Version: 1.3

Jbook Guestbook is a PHP/MySQL based guestbook script.

Vulnerability in index.php, this issue can allow an 
attacker to bypass content filters and potentially carry out xss attacks.

Example:

http://target/path/index.php?page=[xsscode]

Prev by Date: [eVuln] phpNewsManager Multiple SQL Injections
Next by Date: phpMyForum Cross Site Scripting & CRLF injection
Previous by thread: PHPList <= 2.10.2 remote commands execution
Next by thread: phpMyForum Cross Site Scripting & CRLF injection
Index(es):
- Date
- Thread

[Index of Archives] [Linux Security] [Netfilter] [PHP] [Yosemite News] [Linux Kernel]

Powered by Linux