EUVD-2003-0970

Malware in sbrugna...

CVE-2003-0980

Cross-site scripting XSS vulnerability in FreeScripts VisitorBook LE visitorbook.pl allows remote attackers to inject arbitrary HTML or web script via 1 the "do" parameter, 2 via the "user" parameter from a host with a malicious reverse DNS name, 3 via quote marks or ampersands in other parameter...

CVE-2003-0979

FreeScripts VisitorBook LE visitorbook.pl does not properly escape line breaks in input, which allows remote attackers to 1 use VisitorBook as an open mail relay, when $mailuser is 1, via extra headers in the email field, or 2 cause the guestbook database to be deleted via a large number of line...

CVE-2003-0981

FreeScripts VisitorBook LE visitorbook.pl logs the reverse DNS name of a visiting host, which allows remote attackers to spoof the origin of their incoming requests and facilitate cross-site scripting XSS attacks...

CVE-2003-0981

FreeScripts VisitorBook LE visitorbook.pl logs the reverse DNS name of a visiting host, which allows remote attackers to spoof the origin of their incoming requests and facilitate cross-site scripting XSS attacks...

CVE-2003-0979

FreeScripts VisitorBook LE visitorbook.pl does not properly escape line breaks in input, which allows remote attackers to 1 use VisitorBook as an open mail relay, when $mailuser is 1, via extra headers in the email field, or 2 cause the guestbook database to be deleted via a large number of line...

CVE-2003-0979

Vulnerability overview (CVE-2003-0979) FreeScripts VisitorBook LE (visitorbook.pl) fails to properly escape line breaks in user input. This can allow remote attackers to abuse the script as an open mail relay when $mailuser is 1 (via extra headers in the email field) and to trash the guestbook da...

CVE-2003-0981

CVE-2003-0981 affects FreeScripts VisitorBook LE (visitorbook.pl). The issue is that the program logs the reverse DNS name of a visiting host, which can enable remote attackers to spoof the origin of requests and facilitate cross-site scripting (XSS). The connected documents do not provide concre...

CVE-2003-0980

Cross-site scripting XSS vulnerability in FreeScripts VisitorBook LE visitorbook.pl allows remote attackers to inject arbitrary HTML or web script via 1 the "do" parameter, 2 via the "user" parameter from a host with a malicious reverse DNS name, 3 via quote marks or ampersands in other parameter...

CVE-2003-0980

CVE-2003-0980 is an XSS vulnerability in FreeScripts VisitorBook LE (visitorbook.pl). The issue permits remote attackers to inject arbitrary HTML or JavaScript via (1) the do parameter, (2) the user parameter from a host with a malicious reverse DNS name, and (3) quote marks or ampersands in othe...

Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax)

Westpoint Security Advisory Title: VisitorBook LE Mail Relay and Cross Site Scripting Risk Rating: Moderate Software: FreeScripts VisitorBook LE Platforms: Most Unix Vendor URL: http://www.freescripts.com/ Author: Paul Johnston [email protected] Date: 10th December 2003 Advisory ID: wp-03-000...

PT-2003-1990 · Freescripts · Freescripts Visitorbook Le

Name of the Vulnerable Software and Affected Versions: FreeScripts VisitorBook LE affected versions not specified Description: The issue allows remote attackers to spoof the origin of their incoming requests, facilitating cross-site scripting XSS attacks. This is possible because the FreeScripts...