CVE-2006-2637
The CVE-2006-2637 entry describes a cross-site scripting (XSS) vulnerability in view.php of TuttoPhp variants Morris Guestbook 1, Pretty Guestbook 1, and Smile Guestbook 1. An attacker can inject arbitrary script/HTML by providing a javascript: URI in the SRC attribute of an IMG element via the p...