Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
guestbook vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-125053
A vulnerability was found in Piwigo-Guest-Book up to 1.3.0. It has been declared as critical. This vulnerability affects unknown code of the file include/guestbook.inc.php of the component Navigation Bar. The manipulation of the argument start leads to sql injection. Upgrading to...
Piwigo Guestbook
7.5
CVSSv2
CVE-2010-4987
SQL injection vulnerability in default.asp in KMSoft Guestbook (aka GBook) allows remote malicious users to execute arbitrary SQL commands via the p parameter.
Kmsoft Guestbook -
1 EDB exploit
7.5
CVSSv2
CVE-2008-3320
admin/index.php in Maian Guestbook 3.2 and previous versions allows remote malicious users to bypass authentication and gain administrative access by sending an arbitrary gbook_cookie cookie.
Maian Guestbook
1 EDB exploit
5
CVSSv2
CVE-2009-2648
FlashDen Guestbook allows remote malicious users to obtain configuration information via a direct request to amfphp/phpinfo.php, which calls the phpinfo function.
Flashden Guestbook
4.3
CVSSv2
CVE-2003-1534
Cross-site scripting (XSS) vulnerability in jgb.php3 in Justice Guestbook 1.3 allows remote malicious users to inject arbitrary web script or HTML via the (1) name, (2) homepage, (3) aim, (4) yim, (5) location, and (6) comment variables.
Justice Media Guestbook
6.4
CVSSv2
CVE-2006-2158
Dynamic variable evaluation vulnerability in index.php in Stadtaus Guestbook Script 1.7 and previous versions, when register_globals is enabled, allows remote malicious users to modify arbitrary program variables via parameters, which are evaluated as PHP variable variables, as d...
Stadtaus Guestbook Script
4.3
CVSSv2
CVE-2006-3616
Multiple cross-site scripting (XSS) vulnerabilities in Carbonize Lazarus Guestbook 1.6 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) the show parameter in codes-english.php and (2) the img parameter in picture.php, after the nam...
Carbonize Lazarus Guestbook
2 EDB exploits
4.3
CVSSv2
CVE-2006-3852
Cross-site scripting (XSS) vulnerability in index.php in Micro GuestBook allows remote malicious users to execute arbitrary SQL commands via the (1) name or (2) comment ("text") fields.
Phptoys Micro Guestbook
5
CVSSv2
CVE-2010-0978
KMSoft Guestbook (aka GBook) 1.0 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for db/db.mdb.
Kmsoft Guestbook 1.0
1 EDB exploit
5
CVSSv2
CVE-1999-0467
The Webcom CGI Guestbook programs wguest.exe and rguest.exe allow a remote malicious user to read arbitrary files using the "template" parameter.
Webcom Cgi Guestbook
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »