2 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in EJ3 BlackBook 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 bookCopyright and 2 ver parameters to a footer.php, and the 3 bookName, 4 bookMetaTags, and 5 estiloCSS parameters to b header.php...
EJ3 BlackBook 1.0 - 'header.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/29015/info BlackBook is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in t...