CVE-2002-1729

Cross-site scripting vulnerability (XSS) in ASPjar Guestbook 1.00 allows remote attackers to execute arbitrary script as other users via the "web site" parameter in a guestbook message.

CVE-2002-1730

ASPjar Guestbook 1.00 allows remote attackers to delete arbitrary messages accessing the delete.asp administrative script with certain cookie values set to "true".