[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

vuln

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: vuln
From: "ShelzZ" <shelzz@xxxxxxx>
Date: Mon, 29 Mar 2004 01:11:55 +0400

#############################
#0x29a team security advisory
#############################
#Product: Fresh Guest book
#Script: guest.cgi
#Company: WebFresh
#Vulnerability: XSS
#############################
#Overview:
HiGuest is a simple perl-guestbook, which include all standart
guestbook functions.
#Bug: Any remote user can execute html code on the vulnerable system.
The script don't filter incoming data in "Name" area.
#w0w
http://0x29a.hncrew.org

Prev by Date: LNSA-#2004-0007: Multiple security problems in Ethereal
Next by Date: [SECURITY] [DSA 469-1] New libpam-pgsql packages fix SQL injection
Previous by thread: LNSA-#2004-0007: Multiple security problems in Ethereal
Next by thread: [SECURITY] [DSA 469-1] New libpam-pgsql packages fix SQL injection
Index(es):
- Date
- Thread