Multiple bugs in EditTag

2007-01-05 Thread nj
Script: EditTag Version: 1.2 Author: Greg Billock ([EMAIL PROTECTED]) Discoverer: NetJackal (nima_501[4T]yAhoo[D0T]com - nj[4T]hackerz[D0T]ir) I am sorry for my BAD English. Description: 1) Local file injection: An attacker can use edittag.cgi or edittag_mp.cgi (maybe .pl) to inject files (ex

XSS in JAB Guest Book

2006-12-04 Thread nj
Script Name: JAB Guest Book Authors: [EMAIL PROTECTED] Website: James Barnsley Bug Report: NetJackal (nj[AT]hackerz[DOT]ir & nima_501[AT]yahoo[DOT]com) Status: Patch not released First I should apologize for my bad English. Intro: JAB Guest Book is a free guest book written in PHP

Multiple bugs in TFT-Gallery

2006-12-04 Thread nj
Script Name: TFT-Gallery Authors: Mike Scalora, Eric Thelin, Sascha Lorenz & Jan Berndt Website: http://tftgallery.sourceforge.net Bug Report: NetJackal (nj[AT]hackerz[DOT]ir & nima_501[AT]yahoo[DOT]com) Status: Patch not released First I should apologize for my bad English. Intro: