Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
book vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2002-2377
Cross-site scripting (XSS) vulnerability in addentry.cgi in ZAP 1.0.3 allows remote malicious users to inject arbitrary SSi directives, web script, and HTML via the entry field.
Sephiroth32 Zap Book 1.0.3
7.5
CVSSv2
CVE-2006-1374
SQL injection vulnerability in viewStatement.php in AdMan 1.0.20051221 and previous versions allows remote malicious users to execute arbitrary SQL commands via the transactions_offset parameter.
Brain Book Software Adman
1 EDB exploit
7.5
CVSSv2
CVE-2006-5508
Multiple SQL injection vulnerabilities in addentry.php in WoltLab Burning Book 1.1.2 allow remote malicious users to execute arbitrary SQL commands via (1) the n parameter and (2) the User-Agent HTTP header.
Woltlab Burning Book 1.1.2
1 EDB exploit
7.5
CVSSv2
CVE-2006-5509
Eval injection vulnerability in addentry.php in WoltLab Burning Book 1.1.2 allows remote malicious users to execute arbitrary PHP code via crafted POST requests that store PHP code in a database that is later processed by eval, as demonstrated using SQL injection via the n parame...
Woltlab Burning Book 1.1.2
1 EDB exploit
5
CVSSv2
CVE-2006-1375
AdMan 1.0.20051221 and previous versions allows remote malicious users to obtain the full path via (1) a blank campaignId parameter to editCampaign.php and (2) a blank schemeId parameter to viewPricingScheme.php.
Brain Book Software Adman
6.8
CVSSv2
CVE-2006-3900
Cross-site scripting (XSS) vulnerability in guestbook.php in TP-Book 1.00 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the name parameter.
Tobias Kloy Tp-book
4.3
CVSSv2
CVE-2006-1398
Cross-site scripting (XSS) vulnerability in guestbook.php in G-Book 1.0 allows remote malicious users to inject arbitrary web script or HTML via the g_message parameter.
Sixal G-book 1.0
6.8
CVSSv2
CVE-2007-1937
PHP remote file inclusion vulnerability in smilies.php in Scorp Book 1.0 allows remote malicious users to execute arbitrary PHP code via a URL in the config parameter.
Dreamcodes Scorp Book 1.0
1 EDB exploit
4.3
CVSSv2
CVE-2006-2882
Multiple cross-site scripting (XSS) vulnerabilities submit.asp in ASPScriptz Guest Book 2.0 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) GBOOK_UNAME, (2) GBOOK_EMAIL, (3) GBOOK_CITY, (4) GBOOK_COU, (5) GBOOK_WWW, and (6) GB...
Aspscriptz Aspscriptz Guest Book
7.5
CVSSv2
CVE-2010-4923
SQL injection vulnerability in book/detail.php in Virtue Netz Virtue Book Store allows remote malicious users to execute arbitrary SQL commands via the bid parameter.
Virtuenetz Virtue Book Store
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »