5 matches found
Winn Guestbook v2.4.8c Stored XSS
Exploit Title: Winn Guestbook v2.4.8c Stored XSS Date: 12/29/11 Author: G13 Software Link: http://code.google.com/p/winn-guestbook/, http://www.winn.ws Version: 2.4.8c Category: webapps php CVE: 2011-5026 Vulnerability There is no sanitation on the input of the name variable. This allows maliciou...
CVE-2011-5026
Cross-site scripting XSS vulnerability in the addPost function in data/functions.php in Winn GuestBook before 2.4.8d allows remote attackers to inject arbitrary web script or HTML via the name parameter to index.php. NOTE: some of these details are obtained from third party information...
CVE-2011-5026
Cross-site scripting (XSS) in Winn GuestBook prior to version 2.4.8d is caused by insufficient sanitization in the addPost function (data/functions.php) that processes the name parameter in index.php. This allows remote attackers to inject arbitrary script/HTML. Affected: Winn GuestBook 2.4.8c (a...
Winn Guestbook 2.4.8c - Persistent Cross-Site Scripting
Winn Guestbook 2.4.8c - Persistent Cross-Site Scripting Exploit Title: Winn Guestbook v2.4.8c Stored XSS Date: 12/29/11 Author: G13 Software Link: http://code.google.com/p/winn-guestbook/, http://www.winn.ws Version: 2.4.8c Category: webapps php CVE: 2011-5026 Vulnerability There is no sanitation...
Winn Guestbook 2.4.8c - Persistent Cross-Site Scripting
Exploit Title: Winn Guestbook v2.4.8c Stored XSS Date: 12/29/11 Author: G13 Software Link: http://code.google.com/p/winn-guestbook/, http://www.winn.ws Version: 2.4.8c Category: webapps php CVE: 2011-5026 Vulnerability There is no sanitation on the input of the name variable. This allows maliciou...