Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
book vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2020-35276
EgavilanMedia ECM Address Book 1.0 is affected by SQL injection. An attacker can bypass the Admin Login panel through SQLi and get Admin access and add or remove any user.
Egavilanmedia Ecm Address Book 1.0
7.5
CVSSv2
CVE-2013-1748
Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow remote malicious users to execute arbitrary SQL commands via unspecified parameters to (1) edit.php or (2) import.php. NOTE: the view.php id vector is already covered by CVE-2008-2565.1 and the edit.php id vec...
Chatelao Php Address Book 8.2.5
1 EDB exploit
4.3
CVSSv2
CVE-2013-1749
Cross-site scripting (XSS) vulnerability in edit.php in PHP Address Book 8.2.5 allows user-assisted remote malicious users to inject arbitrary web script or HTML via the Address field.
Chatelao Php Address Book 8.2.5
7.5
CVSSv2
CVE-2018-7312
SQL Injection exists in the Alexandria Book Library 3.1.2 component for Joomla! via the letter parameter.
Alexandriabooklibrary Alexandria Book Library 3.1.2
1 EDB exploit
7.5
CVSSv2
CVE-2013-0135
Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow remote malicious users to execute arbitrary SQL commands via the id parameter to (1) addressbook/register/delete_user.php, (2) addressbook/register/edit_user.php, or (3) addressbook/register/edit_user_save.php...
Chatelao Php Address Book 8.2.5
11 EDB exploits
5
CVSSv2
CVE-2004-2608
SmartWebby Smart Guest Book stores SmartGuestBook.mdb (aka the "news database") under the web document root with insufficient access control, which allows remote malicious users to obtain sensitive information such as the unencrypted username and password of the adminis...
Smartwebby Smart Guest Book 2
3.5
CVSSv2
CVE-2021-24614
The Book appointment online WordPress plugin prior to 1.39 does not sanitise or escape Service Prices before outputting it in the List, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
Oz-plugin Book Appointment Online
6.8
CVSSv2
CVE-2010-1059
Directory traversal vulnerability in staff/app/common.inc.php in Phpkobo Address Book Script 1.09, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the LANG_CODE parameter. NOTE: the...
Phpkobo Address Book Script 1.09
7.5
CVSSv2
CVE-2020-29474
EGavilan Media EGM Address Book 1.0 contains a SQL injection vulnerability. An attacker can gain Admin Panel access using malicious SQL injection queries to perform remote arbitrary code execution.
Egavilanmedia Egm Address Book 1.0
4.3
CVSSv2
CVE-2009-4869
Cross-site scripting (XSS) vulnerability in index.php in Nasim Guest Book 1.2 allows remote malicious users to inject arbitrary web script or HTML via the page parameter.
Hitronsoft Nasim Guest Book 1.2
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »