VULHUB ™

Kv Guestbook is a web based guest book message board maintained by KillerVault. Kv Guestbook does not filter script code from URL parameters, making it prone to cross-site scripting attacks. Attacker-supplied script code may be included in a malicious link to the 'guestbook.php' script. Such a malicious link might be included in a HTML e-mail or on a malicious webpage. This may enable a remote attacker to steal cookie-based authentication credentials from legitimate users of Kv Guestbook.

Kv Guestbook is a web based guest book message board maintained by KillerVault. Kv Guestbook does not filter script code from URL parameters, making it prone to cross-site scripting attacks. Attacker-supplied script code may be included in a malicious link to the 'guestbook.php' script. Such a malicious link might be included in a HTML e-mail or on a malicious webpage. This may enable a remote attacker to steal cookie-based authentication credentials from legitimate users of Kv Guestbook.