- Techno Dreams GuestBook Remote XSS Exploit -
-= Techno Dreams GuestBook Latetest Version =-
Omnipresent
May 04, 2006
XSS Exploit
Techno Dreams GuestBook Latetest Version
A free ready to use Guest Book ASP script. It uses MS Access with ability to be upgraded into SQL.
Now, we've added an Admin Area for the script (not in the demo). Special thanks for Victor Hugo Sosa Esquivel for the
Spanish Translation.
The application is vulnerable to an XSS (Cross-Site Scripting) Attack.
If the poster post in the field *comments: (after click on Sign Our GuestBook) the follow script
<script>alert("You are vulnerabile to XSS")</script>
When a user go to see the blog he receive the message "You are vulnerabile to XSS".
Not Informed!
omnipresent
[email protected]