Bugtraq mailing list archives
Jbook Cross Site Scripting
From: root__ () linuxmail org
Date: 10 Apr 2006 09:54:21 -0000
Title : Jbook Cross Site Scripting Author: Mourad aka Psych0 Moroccan Security Team Vendor: www.jmuller.net Version: 1.3 Jbook Guestbook is a PHP/MySQL based guestbook script. Vulnerability in index.php, this issue can allow an attacker to bypass content filters and potentially carry out xss attacks. Example: http://target/path/index.php?page=[xsscode]
Current thread:
- Jbook Cross Site Scripting root__ (Apr 10)