CVE-2007-1623 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in realGuestbook 5.01 when register_globals is enabled allow remote attackers to inject arbitrary web script or HTML via the (1) bg_color_1 (2) fs_menu (3) fc_menu (4) ff_menu (5) bg_color_2 (6) fs_normal (7) fc_normal and (8) ff_normal parameters to welcome_admin.php; and possibly unspecified other parameters and files. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Reference

http://secunia.com/advisories/24602 http://www.osvdb.org/34341