CVE-2007-0605 | Vulnerability Database | Aqua Security

Cross-site scripting (XSS) vulnerability in picture.php in Advanced Guestbook 2.4.2 allows remote attackers to inject arbitrary web script or HTML via the picture parameter.

Affected Software

Name	Vendor	Start Version	End Version
Advanced_guestbook	Advanced_guestbook	2.4.2 (including)	2.4.2 (including)

References

http://secunia.com/advisories/25153
http://securityreason.com/securityalert/2663
http://www.netvigilance.com/advisory0012
http://www.osvdb.org/33877
http://www.securityfocus.com/archive/1/467937/100/0/threaded
http://www.securityfocus.com/bid/23873
http://www.vupen.com/english/advisories/2007/1726
https://exchange.xforce.ibmcloud.com/vulnerabilities/34156
http://secunia.com/advisories/25153
http://securityreason.com/securityalert/2663
http://www.netvigilance.com/advisory0012
http://www.osvdb.org/33877
http://www.securityfocus.com/archive/1/467937/100/0/threaded
http://www.securityfocus.com/bid/23873
http://www.vupen.com/english/advisories/2007/1726
https://exchange.xforce.ibmcloud.com/vulnerabilities/34156

NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-0605
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html