EUVD-2006-2232

Malware in sbrugna...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in addguest.cgi in Big Webmaster Guestbook Script 1.02 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 mail, 2 site, 3 city, 4 state, 5 country, and possibly 6 name fields, which are viewed via viewguest.cgi...

CVE-2006-2231

Multiple cross-site scripting XSS vulnerabilities in addguest.cgi in Big Webmaster Guestbook Script 1.02 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 mail, 2 site, 3 city, 4 state, 5 country, and possibly 6 name fields, which are viewed via viewguest.cgi...