CVE-2008-6359 Information

Description

Cross-site scripting (XSS) vulnerability in index.php in Max’s Guestbook allows remote attackers to inject arbitrary web script or HTML via the (1) name (2) email and (3) message parameters.

Reference

http://osvdb.org/50654 http://packetstormsecurity.org/files/110772/Maxs-Guestbook-1.0-Local-File-Inclusion-Path-Disclosure.html http://secunia.com/advisories/33106 http://www.exploit-db.com/exploits/18595 http://www.securityfocus.com/archive/1/499099/100/0/threaded http://www.securityfocus.com/bid/32763 http://www.securityfocus.com/bid/52471 https://exchange.xforce.ibmcloud.com/vulnerabilities/47250 https://exchange.xforce.ibmcloud.com/vulnerabilities/74011