Vulnonym.org

CVE-2008-2188 - Dyed in the wool Clump

Description

Multiple cross-site scripting (XSS) vulnerabilities in EJ3 BlackBook 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) bookCopyright and (2) ver parameters to (a) footer.php and the (3) bookName (4) bookMetaTags and (5) estiloCSS parameters to (b) header.php.

Reference

http://www.securityfocus.com/bid/29015 http://securityreason.com/securityalert/3873 https://exchange.xforce.ibmcloud.com/vulnerabilities/42147 http://www.securityfocus.com/archive/1/491549/100/0/threaded