Cross-site scripting (XSS) vulnerability in sign.asp in Emefa Guestbook 1.2 allows remote attackers to inject arbitrary web script or HTML via the (1) name, (2) location, and (3) email parameters.
References
Link | Resource |
---|---|
http://packetstormsecurity.org/0508-advisories/emefaGuest.txt | Vendor Advisory |
http://secunia.com/advisories/16489 | Patch Vendor Advisory |
http://systemsecure.org/ssforum/viewtopic.php?t=91 | Vendor Advisory |
http://www.emefa.myserver.org/comp/guestview.php | Patch |
http://www.securityfocus.com/bid/14599 |
Configurations
History
No history.
Information
Published : 2005-08-23 04:00
Updated : 2024-02-04 16:52
NVD link : CVE-2005-2650
Mitre link : CVE-2005-2650
CVE.ORG link : CVE-2005-2650
JSON object : View
Products Affected
emefa
- emefa_guestbook
CWE