Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
guestbook vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2007-0605
Cross-site scripting (XSS) vulnerability in picture.php in Advanced Guestbook 2.4.2 allows remote malicious users to inject arbitrary web script or HTML via the picture parameter.
Advanced Guestbook Advanced Guestbook 2.4.2
1 EDB exploit
632
VMScore
CVE-2007-0608
Advanced Guestbook 2.4.2 allows remote malicious users to obtain sensitive information via an invalid (1) GB_TBL parameter to (a) lang/codes-english.php or (b) image.php, which reveal the database name; (2) an invalid GB_DB parameter to index.php, coupled with a ../index lang coo...
Advanced Guestbook Advanced Guestbook 2.4.2
515
VMScore
CVE-2007-0609
Directory traversal vulnerability in Advanced Guestbook 2.4.2 allows remote malicious users to bypass .htaccess settings, and execute arbitrary PHP local files or read arbitrary local templates, via a .. (dot dot) in a lang cookie, followed by a filename without its .php extensio...
Advanced Guestbook Advanced Guestbook 2.4.2
1 EDB exploit
755
VMScore
CVE-2004-1952
SQL injection vulnerability in Advanced Guestbook 2.2 allows remote malicious users to execute arbitrary SQL commands and gain privileges via the password.
Advanced Guestbook Advanced Guestbook 2.2
1 EDB exploit
890
VMScore
CVE-2007-2100
FAC Guestbook 2.0 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for db/Gdb.mdb.
Fac Guestbook Fac Guestbook 2.0
890
VMScore
CVE-2007-2101
FAC Guestbook 3.01 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for db/gbdb.mdb. NOTE: the provenance of this information is unknown; the details are obtained sole...
Fac Guestbook Fac Guestbook 3.01
685
VMScore
CVE-2015-8351
PHP remote file inclusion vulnerability in the Gwolle Guestbook plugin prior to 1.5.4 for WordPress, when allow_url_include is enabled, allows remote authenticated users to execute arbitrary PHP code via a URL in the abspath parameter to frontend/captcha/ajaxresponse.php. NOTE: t...
Gwolle Guestbook Project Gwolle Guestbook
1 EDB exploit
NA
CVE-2021-36830
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Comment Guestbook plugin <= 0.8.0 at WordPress.
Comment Guestbook Project Comment Guestbook
668
VMScore
CVE-2006-5804
PHP remote file inclusion vulnerability in admin.php in Advanced Guestbook 2.3.1 allows remote malicious users to execute arbitrary PHP code via a URL in the include_path parameter.
Advanced Guestbook Advanced Guestbook 2.3.1
435
VMScore
CVE-2007-1479
Cross-site scripting (XSS) vulnerability in Guestbook.php in Creative Guestbook 1.0 allows remote malicious users to inject arbitrary web script or HTML via an unspecified parameter.
Creative Guestbook Creative Guestbook 1.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »