
Hiox Guestbook 3.1

Homepage:
http://hscripts.com/scripts/php/gb.php

Description
A free guest book script that can be added to any HTML website with PHP.

Affected files:

index.php

Exploit:

The input forms for signing the guestbook aren't sanitized properly. This could allow users to insert malicious code, causing XSS.

It should also be noted that this guestbook stores its entries in a flat file, gb.txt, which has to be chmodded to 777. There is no method of obscuring email addresses in this guestbook script either.
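
One way to address the three issues described above (unsanitized form input, the 777 flat file, and exposed email addresses), as an added example that is not Hiox Guestbook's own code. The form field names (name, email, message), the gb_* function names and the data path are assumptions, and the mbstring extension is assumed to be available.

```php
<?php
// Added example; gb_* names, form fields and the data path are hypothetical.
const GB_FILE = __DIR__ . '/../data/gb.txt'; // assumed: outside the document root

// Collapse control characters (tab, CR, LF included) so a field can never
// inject a delimiter or an extra record; invalid UTF-8 or non-strings yield ''.
function gb_clean($value, int $max): string
{
    if (!is_string($value)) {
        return '';
    }
    $value = preg_replace('/[\x00-\x1F\x7F]+/u', ' ', $value) ?? '';
    return mb_substr(trim($value), 0, $max, 'UTF-8');
}

// Validate one submission and append it as a tab-separated line.
function gb_store(array $post, string $file = GB_FILE): bool
{
    $name    = gb_clean($post['name'] ?? '', 64);
    $message = gb_clean($post['message'] ?? '', 2000);
    $email   = filter_var($post['email'] ?? '', FILTER_VALIDATE_EMAIL);
    if ($name === '' || $message === '' || $email === false) {
        return false;
    }
    if (!file_exists($file)) {          // owner-only instead of 777
        touch($file);
        chmod($file, 0600);
    }
    $line = implode("\t", [time(), $name, $email, $message]) . "\n";
    return file_put_contents($file, $line, FILE_APPEND | LOCK_EX) !== false;
}

// Encode for an HTML context at output time.
function gb_h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Render stored entries; the email local part is masked before display.
function gb_render(string $file = GB_FILE): string
{
    $html  = '';
    $lines = is_file($file) ? file($file, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES) : [];
    foreach ($lines ?: [] as $line) {
        $f = explode("\t", $line);
        if (count($f) !== 4) {
            continue;                   // skip malformed records
        }
        [$time, $name, $email, $message] = $f;
        $masked = substr($email, 0, 1) . '***' . strrchr($email, '@');
        $html .= '<p><strong>' . gb_h($name) . '</strong> (' . gb_h($masked) . ') '
               . gb_h(date('Y-m-d', (int)$time)) . '<br>' . gb_h($message) . "</p>\n";
    }
    return $html;
}
```

Encoding happens in gb_render at output time, so entries already present in the file are also neutralized when displayed.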
