SECURITYVULNS:DOC:12860
May 27, 2006

Morris Guestbook v1

Source: vulners.com

Homepage:
http://www.tuttophp.altervista.org/morrisguest-ing.htm

Description:
Morris Guestbook is a text-based guestbook with the following features: data stored in a text file,
paging of messages on screen, word encryption ("crypting"), counting of inserted messages, and blocking
of messages containing both HTML tags (<>)

Affected files:
view.php

A reflected XSS attack is possible because the pagina parameter is not filtered before it is echoed back into the page:
http://www.example.com/morrisgbook/view.php?pagina=1[IMG%20SRC=javascript:alert(String.fromCharCode(88,83,83))]
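The following PHP is an added illustration, not Morris Guestbook's own code (the advisory does not show the guestbook's internals): a pager that echoes the `pagina` value unfiltered, the pattern that produces exactly this class of reflected XSS, next to a hardened version that validates the page number as an integer and HTML-escapes whatever reaches the output. The function names and the sample inputs are constructed for the example.

```php
<?php
// Added illustration (not Morris Guestbook's own code). Function names are invented.

// Vulnerable pattern: the raw query-string value is concatenated straight into HTML,
// so any markup the visitor supplies in ?pagina= is reflected back to the browser.
function render_pager_vulnerable(array $get): string
{
    $pagina = $get['pagina'] ?? '1';
    return '<p>Pagina ' . $pagina . '</p>';
}

// Hardened pattern: the page number is validated as an integer inside the allowed
// range; anything else falls back to page 1. The value is additionally passed through
// htmlspecialchars so that nothing reaching the HTML can ever carry markup.
function render_pager_safe(array $get, int $total_pages): string
{
    $pagina = filter_var(
        $get['pagina'] ?? 1,
        FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1, 'max_range' => max(1, $total_pages)]]
    );
    if ($pagina === false) {
        $pagina = 1; // reject anything that is not a page number in range
    }
    return '<p>Pagina ' . htmlspecialchars((string) $pagina, ENT_QUOTES, 'UTF-8') . '</p>';
}

// Constructed sample inputs: one carries injected markup, one is a normal page number.
$tampered = ['pagina' => '1"><b>injected</b>'];
$normal   = ['pagina' => '3'];

echo render_pager_vulnerable($tampered), PHP_EOL;
echo render_pager_safe($tampered, 5), PHP_EOL;
echo render_pager_safe($normal, 5), PHP_EOL;
```

Run with `php pager.php`: the first line reproduces the injected markup verbatim, while the hardened function discards the tampered value and renders a plain page number. Validating the parameter as an integer is the decisive fix here, because a page index has no legitimate reason to contain anything but digits; the `htmlspecialchars` call is defence in depth for the day someone changes the parameter to a free-form string.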


http://www.youfucktard.com