phazizGuestbook v2.0 - XSS

Fri, 09 Jun 2006 11:36:06 -0700 

phazizGuestbook v2.0



Homepage:

http://www.devhome.de/#english_version


Effected files:

input boxes of name, email, url, text.


XSS Vulnerability:

None of these input boxes sanatize user input before generating it. for PoC put 
<IMG SRC=javascript:alert(&#00000XSS')> in any of the above boxes.

Reply via email to