CVE-2006-3568

Multiple cross-site scripting (XSS) vulnerabilities in guestbook.php in Fantastic Guestbook 2.0.1, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the (1) first_name, (2) last_name, or (3) nickname parameters.

Date published : 2006-07-12

http://www.securityfocus.com/bid/18942

http://www.securityfocus.com/archive/1/440152/100/100/threaded