TUCoPS :: Web :: Apps :: b06-1530.htm

Jbook Cross Site Scripting
Jbook Cross Site Scripting
Jbook Cross Site Scripting


Title : Jbook Cross Site Scripting
Author: Mourad aka Psych0
Moroccan Security Team
Vendor: www.jmuller.net 
Version: 1.3

Jbook Guestbook is a PHP/MySQL based guestbook script.

Vulnerability in index.php, this issue can allow an 
attacker to bypass content filters and potentially carry out xss attacks.

Example:

http://target/path/index.php?page=[xsscode]

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH