MyTrueHood.com Homepage: http://www.mytruehood.com Effected files: Input boxes of submitting a comment and signing a guestbook XSS proof of concept: put <IMG SRC="javascript:alert('XSS');"> in the signing aguestbook or leaving a comment in a blog box.