Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:16829
HistoryApr 24, 2007 - 12:00 a.m.

Big Blue Guestbook HTML Injection Vulnerabilities

2007-04-2400:00:00
vulners.com
66
JSON

Hi friends,

Big Blue Guestbook software is prone to HTML injection attacks. This issue is exposed via the message form field in the

guestbook entry submission form.

Exploitation could permit remote attackers to persistently inject hostile HTML and script code into guestbook content. This

could allow for theft of cookie-based authentications or other attacks, such as those which misrepresent guestbook content.

vendor : http://www.ben-barnett.com/guestbook.php
download : http://www.ben-barnett.com/BigBlueGuestbook.zip

Thnx: www.starhack.org // CaRaMeL

JSON