Vulnerabilities > CVE-2003-0980 - Unspecified vulnerability in Freescripts Visitorbook LE

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

freescripts

NVD

Published: 2004-01-05

Updated: 2024-11-20

Summary

Cross-site scripting (XSS) vulnerability in FreeScripts VisitorBook LE (visitorbook.pl) allows remote attackers to inject arbitrary HTML or web script via (1) the "do" parameter, (2) via the "user" parameter from a host with a malicious reverse DNS name, (3) via quote marks or ampersands in other parameters.

Vulnerable Configurations

Part	Description	Count
Application	Freescripts Freescripts Visitorbook Le	1

References

http://marc.info/?l=bugtraq&m=107107840622493&w=2
http://marc.info/?l=bugtraq&m=107107840622493&w=2
http://www.westpoint.ltd.uk/advisories/wp-03-0001.txt
http://www.westpoint.ltd.uk/advisories/wp-03-0001.txt