asp guestbook vulnerabilities and exploits

5
CVSSv2
CVE-2009-4760

Winn ASP Guestbook 1.01 Beta stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for data/guestbook.mdb....

WinnAsp Guestbook
4.3
CVSSv2
CVE-2012-5296

Multiple cross-site scripting (XSS) vulnerabilities in Mavili Guestbook, as released in November 2007, allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) approve.asp, (2) delete.asp, (3) edit.asp, or (4) edit2.asp....

6.4
CVSSv2
CVE-2006-2773

admin/redigera/redigera2.asp in Hogstorps hogstorp Guestbook 2.0 does not verify user credentials, which allows remote attackers to edit arbitrary posts via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third...

5
CVSSv2
CVE-2010-0978

KMSoft Guestbook (aka GBook) 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/db.mdb....

KmsoftGuestbook
7.5
CVSSv2
CVE-2009-4447

Jax Guestbook 3.5.0 allows remote attackers to bypass authentication and modify administrator settings via a direct request to admin/guestbook.admin.php....

Jax ScriptsJax Guestbook
5
CVSSv2
CVE-2009-0498

Virtual GuestBook (vgbook) 2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to guestbook.mdb....

MinitdesignVirtual Guestbook
5
CVSSv2
CVE-2014-0160

The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by...

Openssl