QwikSec

Security Database

CVE

CWE

Training

CVE-2005-4879

Published: Mar 31, 2009

Modified: Aug 8, 2024

PUBLISHED

Description

Multiple cross-site scripting (XSS) vulnerabilities in jax_guestbook.php in Jax Guestbook 3.1 and 3.31 allow remote attackers to inject arbitrary web script or HTML via the (1) gmt_ofs and (2) language parameters. NOTE: the page parameter is already covered by CVE-2006-1913. NOTE: it was later reported that 3.50 is also affected.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://downloads.securityfocus.com/vulnerabilities/exploits/28523.html

x_refsource_MISC

vdb-entry

x_refsource_BID

third-party-advisory

x_refsource_SECUNIA

http://lostmon.blogspot.com/2005/08/jax-php-scripts-multiple.html

x_refsource_MISC

jaxguestbook-jaxguestbook-xss(43562)

vdb-entry

x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.