Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
an guestbook an guestbook vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2002-1493
Cross-site scripting (XSS) vulnerability in Lycos HTMLGear guestbook allows remote malicious users to inject arbitrary script via (1) STYLE attributes or (2) SRC attributes in an IMG tag.
Lycos Htmlgear Guestgear
1 EDB exploit
5
CVSSv2
CVE-2006-0859
Michael Salzer Guestbox 0.6, and other versions prior to 0.8, allows remote malicious users to post an admin comment to a guestbook entry via a certain modified form, possibly related to the nummer parameter.
Michael Salzer Guestbox 0.6
4.3
CVSSv2
CVE-2018-8805
Yxcms building system (compatible cell phone) v1.4.7 has XSS via the content parameter to protected\apps\default\view\default\extend_guestbook.php or protected\apps\default\view\mobile\extend_guestbook.php in an index.php?r=default/column/index&col=guestbook request.
Yxcms Yxcms 1.4.7
10
CVSSv2
CVE-2002-0491
admin.php in AlGuest 1.0 guestbook checks for the existence of the admin cookie to authenticate the AlGuest administrator, which allows remote malicious users to bypass the authentication and gain privileges by setting the admin cookie to an arbitrary value.
Alguest Alguest 1.0
5
CVSSv2
CVE-2003-0979
FreeScripts VisitorBook LE (visitorbook.pl) does not properly escape line breaks in input, which allows remote malicious users to (1) use VisitorBook as an open mail relay, when $mailuser is 1, via extra headers in the email field, or (2) cause the guestbook database to be delete...
Freescripts Visitorbook Le
6.8
CVSSv2
CVE-2006-2808
Cross-site scripting (XSS) vulnerability in Lycos Tripod htmlGEAR guestGEAR (aka Guest Gear) allows remote malicious users to inject arbitrary web script or HTML via a guestbook post containing a javascript URI in the SRC attribute of the BR element after an extra "iframe&qu...
Lycos Htmlgear Guestgear
6.4
CVSSv2
CVE-2002-0462
bigsam_guestbook.php for Big Sam (Built-In Guestbook Stand-Alone Module) 1.1.08 and previous versions allows remote malicious users to cause a denial of service (CPU consumption) or obtain the absolute path of the web server via a displayBegin parameter with a very large number, ...
Big Sam Big Sam 1.1.08
7.5
CVSSv2
CVE-2006-4477
Multiple PHP remote file inclusion vulnerabilities in Visual Shapers ezContents 2.0.3 allow remote malicious users to execute arbitrary PHP code via an empty GLOBALS[rootdp] parameter and an ftps URL in the (1) GLOBALS[admin_home] parameter in (a) diary/event_list.php, (b) galler...
Visualshapers Ezcontents 2.0.3
10 EDB exploits
4.3
CVSSv2
CVE-2009-3803
Multiple cross-site scripting (XSS) vulnerabilities in Amiro.CMS 5.4.0.0 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the status_message parameter to (1) /news, (2) /comment, (3) /forum, (4) /blog, and (5) /tags; the status_message...
Amirocms Amiro.cms
Amirocms Amiro.cms 5.2.3
Amirocms Amiro.cms 4.2.2.0
Amirocms Amiro.cms 4.2.1.0
Amirocms Amiro.cms 5.0.7
Amirocms Amiro.cms 4.2.5
Amirocms Amiro.cms 4.2.4
Amirocms Amiro.cms 4.2.3.0
Amirocms Amiro.cms 5.2.2
Amirocms Amiro.cms 5.2
Amirocms Amiro.cms 4.2.0.5
Amirocms Amiro.cms 4.0.8.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3