Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mavili guestbook project vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2012-5296
Multiple cross-site scripting (XSS) vulnerabilities in Mavili Guestbook, as released in November 2007, allow remote malicious users to inject arbitrary web script or HTML via the id parameter to (1) approve.asp, (2) delete.asp, (3) edit.asp, or (4) edit2.asp.
Mavili Guestbook Project Mavili Guestbook -
7.5
CVSSv2
CVE-2012-5297
SQL injection vulnerability in edit.asp in Mavili Guestbook, as released in November 2007, allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Mavili Guestbook Project Mavili Guestbook -
5
CVSSv2
CVE-2012-5298
Mavili Guestbook, as released in November 2007, stores guestbook.mdb under the web root with insufficient access control, which allows remote malicious users to read the database via a direct request.
Mavili Guestbook Project Mavili Guestbook -
7.5
CVSSv2
CVE-2012-5299
Mavili Guestbook, as released in November 2007, allows remote malicious users to edit, delete, and approve arbitrary messages via a direct request to (1) edit.asp, (2) delete.asp, or (3) approve.asp.
Mavili Guestbook Project Mavili Guestbook -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started