Description
Cross-site scripting (XSS) vulnerability in index.php in Advanced Guestbook 2.3.1, 2.2, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the entry parameter.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Emile van Elen · textwebappsphp
https://www.exploit-db.com/exploits/24797
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/18334
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/11798
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=110238530129498&w=2
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=110206527624612&w=2
Scores
EPSS
0.0073
EPSS Percentile
72.8%
Details
Status
published
Products (2)
advanced_guestbook/advanced_guestbook
2.2
advanced_guestbook/advanced_guestbook
2.3.1
Published
Jan 10, 2005
Tracked Since
Feb 18, 2026