<<< Date Index >>>     <<< Thread Index >>>

html Guest Gear



htmls guest gear (all pages that look like this 
http://htmlgear.tripod.com/guest/control.guest?a=sign) has an exploit where you 
can inject html and javascript into there guestbook by doing the following 

<br iframe src=javascript:alert("hi")>></br>

you can put any html or javascript in there. you can find vunrable page by 
doing the following google search 

site:http://htmlgear.tripod.com/guest/control.guest?a=sign