Wernhart Guestbook Cross Site Scripting

`New eVuln Advisory:  
Multiple XSS in Wernhart Guestbook  
Summary: http://evuln.com/vulns/150/summary.html   
Details: http://evuln.com/vulns/150/description.html   
  
-----------Summary-----------  
eVuln ID: EV0150  
Software: Wernhart Guestbook  
Vendor: Carl A. Wernhart  
Version: 2001.03.28  
Critical Level: low  
Type: Cross Site Scripting  
Status: Unpatched. No reply from developer(s)  
PoC: Not available  
Solution: Not available  
Discovered by: Aliaksandr Hartsuyeu ( http://evuln.com/ )  
--------Description--------  
All user-defined parameters are not sanitized.  
Arbitrary XSS is possible.  
Vulnerable script: insert.phtml.  
--------PoC/Exploit--------  
XSS inj examples  
All input data is not sanitized:  
First Name: <XSS inj>  
Last Name: <XSS inj>  
E-Mail: <XSS inj>  
Web Site: <XSS inj>  
---------Solution----------  
Not available  
----------Credit-----------  
Vulnerability discovered by Aliaksandr Hartsuyeu  
http://evuln.com/xss/useragent.html - recent useragent xss vulns  
`