Cross site scripting

2009-09-1521:30:00

PRIOn knowledge base

www.prio-n.com

6.1 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.6%

JSON

Cross-site scripting (XSS) vulnerability in search.php in DigiOz Guestbook 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the search_term parameter.

CPENameOperatorVersion
digioz_guestbookeq1.7.2

CPE	Name	Operator	Version
	digioz_guestbook	eq	1.7.2

References

packetstormsecurity.org/0908-exploits/digiozgb-xss.txt

secunia.com/advisories/36489

www.vupen.com/english/advisories/2009/2443