Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
guestbook vulnerabilities and exploits
(subscribe to this query)
2.6
CVSSv2
CVE-2006-1256
Cross-site scripting (XSS) vulnerability in guestbook.php in Soren Boysen (SkullSplitter) PHP Guestbook 2.6 allows remote malicious users to inject arbitrary web script or HTML via the url parameter.
Skullsplitter Php Guestbook
Skullsplitter Php Guestbook 2.7
7.5
CVSSv2
CVE-2006-4122
Simple one-file guestbook 1.0 and previous versions allows remote malicious users to bypass authentication and delete guestbook entries via a modified id parameter to guestbook.php.
Simple One-file Guestbook Simple One-file Guestbook
1 EDB exploit
4.3
CVSSv2
CVE-2005-1620
Cross-site scripting (XSS) vulnerability in Skull-Splitter Guestbook 1.0, 2.0 and 2.2 allows remote malicious users to inject arbitrary web script or HTML via the (1) title or (2) content of a message.
Soren Boysen Skull-splitter Guestbook 1.0
Soren Boysen Skull-splitter Guestbook 2.0
Soren Boysen Skull-splitter Guestbook 2.2
1 EDB exploit
5
CVSSv2
CVE-2003-1571
Web Wiz Guestbook 6.0 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database and obtain sensitive information via a direct request for database/WWGguestbook.mdb. NOTE: it was later reported th...
Webwizguide Web Wiz Guestbook 6.0
Webwizguide Web Wiz Guestbook 8.21
1 EDB exploit
4.3
CVSSv2
CVE-2005-4879
Multiple cross-site scripting (XSS) vulnerabilities in jax_guestbook.php in Jax Guestbook 3.1 and 3.31 allow remote malicious users to inject arbitrary web script or HTML via the (1) gmt_ofs and (2) language parameters. NOTE: the page parameter is already covered by CVE-2006-1913...
Jax Scripts Jax Guestbook 3.31
Jax Scripts Jax Guestbook 3.1
1 EDB exploit
5
CVSSv2
CVE-2005-4880
Jax Guestbook 3.1 and 3.31 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain IP addresses of users via a direct request to (1) guestbook, (2) guestbook_ips2block, (3) ips2block, and (4) formmailer/logfi...
Jax Scripts Jax Guestbook 3.3.1
Jax Scripts Jax Guestbook 3.1
4 EDB exploits
NA
CVE-2023-22985
Sourcecodester Simple Guestbook Management System version 1 is vulnerable to Cross Site Scripting (XSS) via Name, Referrer, Location, and Comments.
Simple Guestbook Management System Project Simple Guestbook Management System 1.0
6.8
CVSSv2
CVE-2007-1302
SQL injection vulnerability in guestbook.php in LI-Guestbook 1.1, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the country parameter. NOTE: it was later reported that 1.2 is also affected.
Li-scripts Li-guestbook 1.1
Li-scripts Li-guestbook 1.2
7.5
CVSSv2
CVE-2002-1410
Easy Guestbook CGI programs do not authenticate the administrator, which allows remote malicious users to (1) delete entries via direct access of admin.cgi, or (2) reconfigure Guestbook via direct access of config.cgi.
Ben Chivers Ben Chivers Guestbook 1.0
Easy Scripts Archive Easy Guestbook 1.0
1 EDB exploit
5
CVSSv2
CVE-2009-2648
FlashDen Guestbook allows remote malicious users to obtain configuration information via a direct request to amfphp/phpinfo.php, which calls the phpinfo function.
Flashden Guestbook
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »