[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [eVuln] Vanilla Guestbook Multiple XSS & SQL Injection Vulnerabilities

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: [eVuln] Vanilla Guestbook Multiple XSS & SQL Injection Vulnerabilities
From: tachyon@xxxxxxxxxxxxxxxx
Date: 27 Feb 2006 02:12:51 -0000

I don't really recall receiving any sort of notification about this. . . .

But anyway, I am indeed aware of XSS vulnerabilities in the software.  My time 
has been devoted to overhauling my blog software, however.  I hope to seriously 
rewrite the guestbook script as soon as possible.  It _is_ a beta version.  
That may not be an excuse, but it should at least be a warning.  Assuredly I'll 
make sure to get rid of the XSS vulnerabilities when I rewrite the script 
pending a final release.

Prev by Date: CGI Calendar XSS Vulnerability
Next by Date: Secunia Research: ArGoSoft Mail Server Pro viewheaders Script Insertion
Previous by thread: [eVuln] Vanilla Guestbook Multiple XSS & SQL Injection Vulnerabilities
Next by thread: mwcollect Alliance Launch
Index(es):
- Date
- Thread