Skull-Splitter Guestbook Multiple HTML Injection Vulnerabilities Network Vulnerability

Summary

The remote host is running the Skull-Splitter guestbook, a guestbook written in PHP. The remote version of this software is vulnerable to cross-site scripting attacks. Inserting special characters into the subject or message content can cause arbitrary code execution for third party users, thus resulting in a loss of integrity of their system.

Solution

None at this time

Severity

Classification

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N

Related Vulnerabilities

An Image Gallery Directory Traversal Vulnerability
/cgi-bin directory browsable ?
Allaire JRun directory browsing vulnerability
Apache Tiles Multiple XSS Vulnerability
Apache Struts Directory Traversal Vulnerability

Take action and discover your vulnerabilities