Cross-site scripting (XSS) vulnerability in default.asp for episodex guestbook allows remote attackers to inject arbitrary web script or HTML via the Name field and other fields.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| episodex | episodex_guestbook | * |
episodex guestbook allows remote attackers to bypass authentication and edit scripts via a direct request to admin.asp.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-425,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| episodex | episodex_guestbook | * |