EUVD-2006-3209

Malware in sbrugna...

Sport-slo.net Guestbook v1.0

Advanced Guestbook v1.0 Homepage: http://www.sport-slo.net/ Affected files: guestbook.php ----------------------------------------------- XSS vuln on guestbook.php: Data isn't sanatized before being submit to guestbook.txt and displayed onscreen. The code: if$POST'action' if$POST'name' &&...

CVE-2006-3212

The CVE-2006-3212 entry documents a cross-site scripting (XSS) vulnerability in cjGuestbook 1.3 and earlier, specifically in sign.php. The underlying issue allows remote attackers to inject web script or HTML through one of four user-supplied fields: name, email, add, and wName. The affected comp...

CVE-2006-3211

Cross-site scripting XSS vulnerability in sign.php in cjGuestbook 1.3 and earlier allows remote attackers to inject Javascript code via a javascript URI in an img bbcode tag in the comments parameter...

CVE-2006-3212

Cross-site scripting XSS vulnerability in sign.php in cjGuestbook 1.3 and earlier allows remote attackers to inject web script or HTML via the 1 name, 2 email, 3 add, and 4 wName parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...

CVE-2006-3211

The CVE-2006-3211 issue affects cjGuestbook versions 1.3 and earlier, located in sign.php. It is a cross-site scripting (XSS) vulnerability that lets remote attackers inject JavaScript by using a javascript: URI in an img BBCode tag within the comments parameter. Impact is partial integrity compr...

PT-2006-4106 · Unknown · Cjguestbook

Name of the Vulnerable Software and Affected Versions: cjGuestbook versions 1.3 and earlier Description: The issue concerns a cross-site scripting XSS vulnerability. It allows remote attackers to inject Javascript code via a javascript URI in an img bbcode tag in the comments parameter...