lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20060410095421.29537.qmail@securityfocus.com> Date: 10 Apr 2006 09:54:21 -0000 From: root__@...uxmail.org To: bugtraq@...urityfocus.com Subject: Jbook Cross Site Scripting Title : Jbook Cross Site Scripting Author: Mourad aka Psych0 Moroccan Security Team Vendor: www.jmuller.net Version: 1.3 Jbook Guestbook is a PHP/MySQL based guestbook script. Vulnerability in index.php, this issue can allow an attacker to bypass content filters and potentially carry out xss attacks. Example: http://target/path/index.php?page=[xsscode]