Description
Cross-site scripting (XSS) vulnerability in dv_gbook.php in DVguestbook 1.0 allows remote attackers to inject arbitrary web script or HTML via the f parameter.
Exploits
273592006-03-06webappsPHP
DVGuestbook 1.0/1.2.2 - 'dv_gbook.php?f' Cross-Site Scripting
By Liz0ziM
References
cve@mitre.org
http://biyosecurity.be/bugs/dvguestbook.txtcve@mitre.org
http://secunia.com/advisories/19098cve@mitre.org
http://www.securityfocus.com/bid/16968cve@mitre.org
http://www.vupen.com/english/advisories/2006/0842af854a3a-2127-422b-91ae-364da2661108
http://biyosecurity.be/bugs/dvguestbook.txtaf854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/19098af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/archive/1/427214/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/16968af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2006/0842af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/25049