Re: [eVuln] Vanilla Guestbook Multiple XSS & SQL Injection Vulnerabilities

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: [eVuln] Vanilla Guestbook Multiple XSS & SQL Injection Vulnerabilities
From: tachyon@xxxxxxxxxxxxxxxx
Date: 27 Feb 2006 02:12:51 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

I don't really recall receiving any sort of notification about this. . . .

But anyway, I am indeed aware of XSS vulnerabilities in the software.  My time 
has been devoted to overhauling my blog software, however.  I hope to seriously 
rewrite the guestbook script as soon as possible.  It _is_ a beta version.  
That may not be an excuse, but it should at least be a warning.  Assuredly I'll 
make sure to get rid of the XSS vulnerabilities when I rewrite the script 
pending a final release.

Prev by Date: [SECURITY] [DSA 982-1] New gpdf packages fix several vulnerabilities
Next by Date: Secunia Research: ArGoSoft Mail Server Pro viewheaders Script Insertion
Previous by thread: [eVuln] Vanilla Guestbook Multiple XSS & SQL Injection Vulnerabilities
Next by thread: mwcollect Alliance Launch
Index(es):
- Date
- Thread