CheesyBlog-1.0.txt

`New eVuln Advisory:  
CheesyBlog XSS Vulnerability  
http://evuln.com/vulns/49/summary.html  
  
--------------------Summary----------------  
  
Software: CheesyBlog  
Sowtware's Web Site: http://cheesepizza.net/  
Versions: 1.0  
Critical Level: Harmless  
Type: Cross-Site Scripting  
Class: Remote  
Status: Unpatched  
Exploit: Available  
Solution: Not Available  
Discovered by: Aliaksandr Hartsuyeu (eVuln.com)  
eVuln ID: EV0049  
  
-----------------Description---------------  
Arbitrary script code insertion is possible.  
  
Vulnerable Script: archive.php  
  
All user-defined data isn't properly sanitized. This can be used to post arbitrary html or script code.  
  
--------------Exploit----------------------  
Available at: http://evuln.com/vulns/49/exploit.html  
  
  
--------------Solution---------------------  
No Patch available.  
  
--------------Credit-----------------------  
Discovered by: Aliaksandr Hartsuyeu (eVuln.com)  
`