CVE-2005-4596

Description

Cross-site scripting (XSS) vulnerability in read.php in AdesGuestbook 2.0 allows remote attackers to inject arbitrary web script or HTML via the totalRows_rsRead parameter.

Affected products

• ades_design / adesguestbook2.0 – 2.0

References

• MISChttp://www.osvdb.org/22111
• VENDOR_ADVISORYhttp://secunia.com/advisories/18244
• MISChttp://pridels0.blogspot.com/2005/12/adesguestbook-xss-vuln.html
• MISChttp://www.securityfocus.com/bid/16090
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/23909