Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
guestbook vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-5821
Multiple directory traversal vulnerabilities in DM Guestbook 0.4.1 and previous versions allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in (1) the lng parameter to (a) guestbook.php, (b) admin/admin.guestbook.php, or (c) auto/glob_new...
Dm Guestbook Dm Guestbook
1 EDB exploit
NA
CVE-2006-4788
PHP remote file inclusion vulnerability in includes/log.inc.php in Telekorn SignKorn Guestbook (SL) 1.3 and previous versions, when register_globals is enabled and _SESSION[permission] parameter is set to "yes", allows remote malicious users to execute arbitrary PHP cod...
Telekorn Signkorn Guestbook
Telekorn Signkorn Guestbook 1.1
Telekorn Signkorn Guestbook 1.2
1 EDB exploit
NA
CVE-2006-4889
Multiple PHP remote file inclusion vulnerabilities in Telekorn SignKorn Guestbook (SL) 1.3 and previous versions, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the dir_path parameter in (1) index.php, (2) includes/functi...
Telekorn Signkorn Guestbook
Telekorn Signkorn Guestbook 1.1
Telekorn Signkorn Guestbook 1.2
21 EDB exploits
6.1
CVSSv3
CVE-2018-17884
XSS exists in admin/gb-dashboard-widget.php in the Gwolle Guestbook (gwolle-gb) plugin prior to 2.5.4 for WordPress via the PATH_INFO to wp-admin/index.php
Gwolle Guestbook Project Gwolle Guestbook
NA
CVE-2006-2975
Multiple cross-site scripting (XSS) vulnerabilities in pblguestbook.php in PBL Guestbook 1.31 allow remote malicious users to inject arbitrary web script or HTML via javascript in the SRC attribute of IMG tags in the (1) name, (2) email, and (3) website parameter, which bypasses ...
Pbl Guestbook Pbl Guestbook 1.31
NA
CVE-2006-3062
Cross-site scripting (XSS) vulnerability in index.php in myPHP Guestbook 2.0.4 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the lang parameter.
Myphp Guestbook Myphp Guestbook 2.0.4
6.1
CVSSv3
CVE-2021-24980
The Gwolle Guestbook WordPress plugin prior to 4.2.0 does not sanitise and escape the gwolle_gb_user_email parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue in an admin page
Gwolle Guestbook Project Gwolle Guestbook
NA
CVE-2005-3588
SQL injection vulnerability in admin.php in Advanced Guestbook 2.2 allows remote malicious users to execute arbitrary SQL commands and gain privileges via the username field.
Advanced Guestbook Advanced Guestbook 2.2
NA
CVE-2007-0530
Multiple PHP remote file inclusion vulnerabilities in Advanced Guestbook 2.4.2 allow remote malicious users to execute arbitrary PHP code via a URL in the include_path parameter to (1) index.php, (2) addentry.php, or (3) picture.php, a different set of vectors than CVE-2006-5804....
Advanced Guestbook Advanced Guestbook 2.4.2
NA
CVE-2002-0457
Cross-site scripting vulnerability in signgbook.php for BG GuestBook 1.0 allows remote malicious users to execute arbitrary Javascript via encoded tags such as <, >, and & in fields such as (1) name, (2) email, (3) AIM screen name, (4) website, (5) location,...
Bg Guestbook Bg Guestbook 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »