Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
guestbook vulnerabilities and exploits
(subscribe to this query)
2.6
CVSSv2
CVE-2006-3062
Cross-site scripting (XSS) vulnerability in index.php in myPHP Guestbook 2.0.4 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the lang parameter.
Myphp Guestbook Myphp Guestbook 2.0.4
7.5
CVSSv2
CVE-2007-1480
Creative Guestbook 1.0 allows remote malicious users to add an administrative account via a direct request to createadmin.php with Name, Email, and PASSWORD parameters set.
Creative Guestbook Creative Guestbook 1.0
1 EDB exploit
7.1
CVSSv2
CVE-2007-0608
Advanced Guestbook 2.4.2 allows remote malicious users to obtain sensitive information via an invalid (1) GB_TBL parameter to (a) lang/codes-english.php or (b) image.php, which reveal the database name; (2) an invalid GB_DB parameter to index.php, coupled with a ../index lang coo...
Advanced Guestbook Advanced Guestbook 2.4.2
4.3
CVSSv2
CVE-2009-2224
Directory traversal vulnerability in ang/shared/flags.php in AN Guestbook 0.7.8, when register_globals is enabled, allows remote malicious users to read arbitrary files via a .. (dot dot) in the g_lang parameter.
An Guestbook An Guestbook 0.7.8
4.3
CVSSv2
CVE-2021-24980
The Gwolle Guestbook WordPress plugin prior to 4.2.0 does not sanitise and escape the gwolle_gb_user_email parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue in an admin page
Gwolle Guestbook Project Gwolle Guestbook
7.5
CVSSv2
CVE-2006-5804
PHP remote file inclusion vulnerability in admin.php in Advanced Guestbook 2.3.1 allows remote malicious users to execute arbitrary PHP code via a URL in the include_path parameter.
Advanced Guestbook Advanced Guestbook 2.3.1
4.3
CVSSv2
CVE-2007-0605
Cross-site scripting (XSS) vulnerability in picture.php in Advanced Guestbook 2.4.2 allows remote malicious users to inject arbitrary web script or HTML via the picture parameter.
Advanced Guestbook Advanced Guestbook 2.4.2
1 EDB exploit
6.8
CVSSv2
CVE-2015-8351
PHP remote file inclusion vulnerability in the Gwolle Guestbook plugin prior to 1.5.4 for WordPress, when allow_url_include is enabled, allows remote authenticated users to execute arbitrary PHP code via a URL in the abspath parameter to frontend/captcha/ajaxresponse.php. NOTE: t...
Gwolle Guestbook Project Gwolle Guestbook
1 EDB exploit
7.6
CVSSv2
CVE-2002-0457
Cross-site scripting vulnerability in signgbook.php for BG GuestBook 1.0 allows remote malicious users to execute arbitrary Javascript via encoded tags such as <, >, and & in fields such as (1) name, (2) email, (3) AIM screen name, (4) website, (5) location,...
Bg Guestbook Bg Guestbook 1.0
7.5
CVSSv2
CVE-2005-1548
SQL injection vulnerability in index.php in Advanced Guestbook 2.3.1 allows remote malicious users to execute arbitrary SQL commands via the entry parameter.
Advanced Guestbook Advanced Guestbook 2.3.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »