Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
guestbook vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2006-3852
Cross-site scripting (XSS) vulnerability in index.php in Micro GuestBook allows remote malicious users to execute arbitrary SQL commands via the (1) name or (2) comment ("text") fields.
Phptoys Micro Guestbook
5
CVSSv2
CVE-2007-1192
Thomas R. Pasawicz HyperBook Guestbook 1.30 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download an admin password hash via a direct request for data/gbconfiguration.dat.
Hyperbook Guestbook 1.30
1 EDB exploit
4.3
CVSSv2
CVE-2005-1684
Cross-site scripting (XSS) vulnerability in default.asp for episodex guestbook allows remote malicious users to inject arbitrary web script or HTML via the Name field and other fields.
Episodex Episodex Guestbook
7.5
CVSSv2
CVE-2005-1685
episodex guestbook allows remote malicious users to bypass authentication and edit scripts via a direct request to admin.asp.
Episodex Episodex Guestbook
5
CVSSv2
CVE-2010-0978
KMSoft Guestbook (aka GBook) 1.0 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for db/db.mdb.
Kmsoft Guestbook 1.0
1 EDB exploit
4.3
CVSSv2
CVE-2008-2211
Multiple cross-site scripting (XSS) vulnerabilities in admin/inc/footer.php in Maian Guestbook 3.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) msg_script2 and (2) msg_script3 parameters.
Maianscriptworld Maian Guestbook 3.2
4.3
CVSSv2
CVE-2005-2650
Cross-site scripting (XSS) vulnerability in sign.asp in Emefa Guestbook 1.2 allows remote malicious users to inject arbitrary web script or HTML via the (1) name, (2) location, and (3) email parameters.
Emefa Emefa Guestbook 1.2
7.5
CVSSv2
CVE-2007-5189
Multiple SQL injection vulnerabilities in mes_add.php in x-script GuestBook 1.3a, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) name, (2) email, (3) icq, and (4) website parameters.
X-script Guestbook 1.3a
7.5
CVSSv2
CVE-2007-2093
Direct static code injection vulnerability in index.php in Limesoft Guestbook (LS Simple Guestbook) 1.0 allows remote malicious users to inject arbitrary PHP code into posts.txt via the message parameter.
Limesoft Limesoft Guestbook 1.0
1 EDB exploit
4.3
CVSSv2
CVE-2005-4598
Cross-site scripting (XSS) vulnerability in home.php in OoApp Guestbook 2.1 allows remote malicious users to inject arbitrary web script or HTML via the page parameter.
Ooapp Ooapp Guestbook 2.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »