PT-2007-2720 · Sava · Sava'S Guestbook
Name of the Vulnerable Software and Affected Versions: Sava's Guestbook version 23.11.2006 Description: The issue allows remote attackers to inject arbitrary web script or HTML via the name, country, email, and website parameters in the add2.php file. This can lead to cross-site scripting XSS...