Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
guestbook vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-4987
SQL injection vulnerability in default.asp in KMSoft Guestbook (aka GBook) allows remote malicious users to execute arbitrary SQL commands via the p parameter.
Kmsoft Guestbook -
1 EDB exploit
9.8
CVSSv3
CVE-2014-125053
A vulnerability was found in Piwigo-Guest-Book up to 1.3.0. It has been declared as critical. This vulnerability affects unknown code of the file include/guestbook.inc.php of the component Navigation Bar. The manipulation of the argument start leads to sql injection. Upgrading to...
Piwigo Guestbook
NA
CVE-2009-2648
FlashDen Guestbook allows remote malicious users to obtain configuration information via a direct request to amfphp/phpinfo.php, which calls the phpinfo function.
Flashden Guestbook
NA
CVE-2008-3320
admin/index.php in Maian Guestbook 3.2 and previous versions allows remote malicious users to bypass authentication and gain administrative access by sending an arbitrary gbook_cookie cookie.
Maian Guestbook
1 EDB exploit
NA
CVE-2007-0354
SQL injection vulnerability in email.php in MGB OpenSource Guestbook 0.5.4.5 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Mgb Opensource Guestbook
1 EDB exploit
NA
CVE-2007-0542
Cross-site scripting (XSS) vulnerability in show.php in 212cafe Guestbook 4.00 beta allows remote malicious users to inject arbitrary web script or HTML via the user parameter.
212cafe Guestbook 4.00 Beta
NA
CVE-2007-1192
Thomas R. Pasawicz HyperBook Guestbook 1.30 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download an admin password hash via a direct request for data/gbconfiguration.dat.
Hyperbook Guestbook 1.30
1 EDB exploit
NA
CVE-2003-1348
Cross-site scripting (XSS) vulnerability in guestbook.cgi in ftls.org Guestbook 1.1 allows remote malicious users to inject arbitrary web script or HTML via the (1) comment, (2) name, or (3) title field.
Ftls Guestbook 1.1
1 EDB exploit
NA
CVE-2005-1684
Cross-site scripting (XSS) vulnerability in default.asp for episodex guestbook allows remote malicious users to inject arbitrary web script or HTML via the Name field and other fields.
Episodex Episodex Guestbook
NA
CVE-2007-4937
CS Guestbook stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain the admin name and MD5 password hash via a direct request for base/usr/0.php.
Comscripts Cs Guestbook
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »