The remote host is running Justice Guestbook.
This set of CGI has two vulnerabilities :
- It is vulnerable to cross site scripting attacks (in jgb.php3)
- If the user requests the file cfooter.php3, he will obtain
the physical path of the remote CGI
An attacker may use these flaws to steal the cookies of your users
or to gain better knowledge about this host.
Solution : Delete this package
Risk factor : Low
BugTraq ID: 7233|
BugTraq ID: 7234
|Copyright||This script is Copyright (C) 2003 Renaud Deraison|
|This is only one of 93608 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.