CVE-2014-1620 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in add.php in HIOX Guest Book (HGB) 5.0 allow remote attackers to inject arbitrary web script or HTML via the (1) name1 (2) email or (3) cmt parameter.

Reference

http://osvdb.org/101844 http://packetstormsecurity.com/files/124681/Hiox-Guest-Book-5.0-Cross-Site-Scripting.html http://www.securityfocus.com/bid/64683 https://exchange.xforce.ibmcloud.com/vulnerabilities/90156