Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web :: Guestbooks :: tb10580.htm

Big Blue Guestbook HTML Injection Vulnerabilities



Big Blue Guestbook HTML Injection Vulnerabilities
Big Blue Guestbook HTML Injection Vulnerabilities



Hi friends, 


Big Blue Guestbook software is prone to HTML injection attacks. This issue is exposed via the message form field in the 

guestbook entry submission form. 

Exploitation could permit remote attackers to persistently inject hostile HTML and script code into guestbook content. This 

could allow for theft of cookie-based authentications or other attacks, such as those which misrepresent guestbook content. 

vendor : http://www.ben-barnett.com/guestbook.php 
download : http://www.ben-barnett.com/BigBlueGuestbook.zip 

Thnx: www.starhack.org // CaRaMeL 


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH