Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
book vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2004-2608
SmartWebby Smart Guest Book stores SmartGuestBook.mdb (aka the "news database") under the web document root with insufficient access control, which allows remote malicious users to obtain sensitive information such as the unencrypted username and password of the adminis...
Smartwebby Smart Guest Book 2
7.5
CVSSv2
CVE-2005-1647
Gurgens (GASoft) Guest Book 2.1 stores the db/Genid.dat database file under the web document root with insufficient access control, which allows remote malicious users to obtain and decrypt usernames and passwords.
Gurgens Gurgens Guest Book 2.1
6.8
CVSSv2
CVE-2006-6371
Cross-site scripting (XSS) vulnerability in pbguestbook.php in JAB Guest Book allows remote malicious users to inject arbitrary web script or HTML via the author parameter.
James Barnsley Jab Guest Book
4.3
CVSSv2
CVE-2013-1749
Cross-site scripting (XSS) vulnerability in edit.php in PHP Address Book 8.2.5 allows user-assisted remote malicious users to inject arbitrary web script or HTML via the Address field.
Chatelao Php Address Book 8.2.5
7.5
CVSSv2
CVE-2013-2778
Cross-site request forgery (CSRF) vulnerability in addressbook/register/delete_user.php in PHP Address Book 8.2.5 allows remote malicious users to hijack the authentication of administrators for requests that delete accounts, a different vulnerability than CVE-2013-0135.1.
Chatelao Php Address Book 8.2.5
7.5
CVSSv2
CVE-2020-35276
EgavilanMedia ECM Address Book 1.0 is affected by SQL injection. An attacker can bypass the Admin Login panel through SQLi and get Admin access and add or remove any user.
Egavilanmedia Ecm Address Book 1.0
7.5
CVSSv2
CVE-2020-29474
EGavilan Media EGM Address Book 1.0 contains a SQL injection vulnerability. An attacker can gain Admin Panel access using malicious SQL injection queries to perform remote arbitrary code execution.
Egavilanmedia Egm Address Book 1.0
7.5
CVSSv2
CVE-2020-10224
An unauthenticated file upload vulnerability has been identified in admin_add.php in PHPGurukul Online Book Store 1.0. The vulnerability could be exploited by an unauthenticated remote malicious user to upload content to the server, including PHP files, which could result in comm...
Phpgurukul Online Book Store 1.0
7.5
CVSSv2
CVE-2018-7312
SQL Injection exists in the Alexandria Book Library 3.1.2 component for Joomla! via the letter parameter.
Alexandriabooklibrary Alexandria Book Library 3.1.2
1 EDB exploit
7.5
CVSSv2
CVE-2013-1748
Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow remote malicious users to execute arbitrary SQL commands via unspecified parameters to (1) edit.php or (2) import.php. NOTE: the view.php id vector is already covered by CVE-2008-2565.1 and the edit.php id vec...
Chatelao Php Address Book 8.2.5
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »