Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
book vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-5509
Eval injection vulnerability in addentry.php in WoltLab Burning Book 1.1.2 allows remote malicious users to execute arbitrary PHP code via crafted POST requests that store PHP code in a database that is later processed by eval, as demonstrated using SQL injection via the n parame...
Woltlab Burning Book 1.1.2
1 EDB exploit
4.3
CVSSv2
CVE-2007-4020
Multiple cross-site scripting (XSS) vulnerabilities in login.php in AdMan 1.0.20051202 FF 3 patch and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) user and (2) pwd parameters.
Brain Book Software Adman
7.5
CVSSv2
CVE-2009-2017
SQL injection vulnerability in products.php in Virtue Book Store allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Virtuenetz Virtue Book Store
1 EDB exploit
10
CVSSv2
CVE-2008-2638
Static code injection vulnerability in guestbook.php in 1Book 1.0.1 and previous versions allows remote malicious users to upload arbitrary PHP code via the message parameter in an HTML webform, which is written to data.php.
1-script 1-book
1 EDB exploit
6.8
CVSSv2
CVE-2019-15770
The woo-address-book plugin prior to 1.6.0 for WordPress has save calls without nonce verification checks.
Hallme Woocommerce Address Book
6.8
CVSSv2
CVE-2007-2265
Cross-site scripting (XSS) vulnerability in YA Book 0.98-alpha allows remote malicious users to inject arbitrary web script or HTML via the City field in a sign action in index.php.
Phpee Ya Book 0.98 Alpha
4.3
CVSSv2
CVE-2006-2882
Multiple cross-site scripting (XSS) vulnerabilities submit.asp in ASPScriptz Guest Book 2.0 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) GBOOK_UNAME, (2) GBOOK_EMAIL, (3) GBOOK_CITY, (4) GBOOK_COU, (5) GBOOK_WWW, and (6) GB...
Aspscriptz Aspscriptz Guest Book
6.8
CVSSv2
CVE-2009-1483
Unrestricted file upload vulnerability in upload-file.php in Adam Patterson Studio Lounge Address Book 2.5, as reachable from index2.php, allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct reque...
Studiolounge Address Book 2.5
1 EDB exploit
9.3
CVSSv2
CVE-2007-2919
Multiple stack-based buffer overflows in the FViewerLoading ActiveX control (FlipViewerX.dll) in E-Book Systems FlipViewer prior to 4.1 allow remote malicious users to cause a denial of service (crash) or execute arbitrary code via long (1) UID, (2) Opf, (3) PAGENO, (4) LaunchMod...
E-book Systems Flipviewer
1 EDB exploit
4.3
CVSSv2
CVE-2002-2377
Cross-site scripting (XSS) vulnerability in addentry.cgi in ZAP 1.0.3 allows remote malicious users to inject arbitrary SSi directives, web script, and HTML via the entry field.
Sephiroth32 Zap Book 1.0.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »