2 matches found
CVE-2003-0979
Vulnerability overview (CVE-2003-0979) FreeScripts VisitorBook LE (visitorbook.pl) fails to properly escape line breaks in user input. This can allow remote attackers to abuse the script as an open mail relay when $mailuser is 1 (via extra headers in the email field) and to trash the guestbook da...
CVE-2003-0980
CVE-2003-0980 is an XSS vulnerability in FreeScripts VisitorBook LE (visitorbook.pl). The issue permits remote attackers to inject arbitrary HTML or JavaScript via (1) the do parameter, (2) the user parameter from a host with a malicious reverse DNS name, and (3) quote marks or ampersands in othe...