Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
book vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-4923
SQL injection vulnerability in book/detail.php in Virtue Netz Virtue Book Store allows remote malicious users to execute arbitrary SQL commands via the bid parameter.
Virtuenetz Virtue Book Store
NA
CVE-2006-2882
Multiple cross-site scripting (XSS) vulnerabilities submit.asp in ASPScriptz Guest Book 2.0 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) GBOOK_UNAME, (2) GBOOK_EMAIL, (3) GBOOK_CITY, (4) GBOOK_COU, (5) GBOOK_WWW, and (6) GB...
Aspscriptz Aspscriptz Guest Book
NA
CVE-2006-1398
Cross-site scripting (XSS) vulnerability in guestbook.php in G-Book 1.0 allows remote malicious users to inject arbitrary web script or HTML via the g_message parameter.
Sixal G-book 1.0
NA
CVE-2008-2638
Static code injection vulnerability in guestbook.php in 1Book 1.0.1 and previous versions allows remote malicious users to upload arbitrary PHP code via the message parameter in an HTML webform, which is written to data.php.
1-script 1-book
1 EDB exploit
NA
CVE-2007-2265
Cross-site scripting (XSS) vulnerability in YA Book 0.98-alpha allows remote malicious users to inject arbitrary web script or HTML via the City field in a sign action in index.php.
Phpee Ya Book 0.98 Alpha
NA
CVE-2006-5508
Multiple SQL injection vulnerabilities in addentry.php in WoltLab Burning Book 1.1.2 allow remote malicious users to execute arbitrary SQL commands via (1) the n parameter and (2) the User-Agent HTTP header.
Woltlab Burning Book 1.1.2
1 EDB exploit
NA
CVE-2009-1483
Unrestricted file upload vulnerability in upload-file.php in Adam Patterson Studio Lounge Address Book 2.5, as reachable from index2.php, allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct reque...
Studiolounge Address Book 2.5
1 EDB exploit
NA
CVE-2009-2017
SQL injection vulnerability in products.php in Virtue Book Store allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Virtuenetz Virtue Book Store
1 EDB exploit
NA
CVE-2006-1374
SQL injection vulnerability in viewStatement.php in AdMan 1.0.20051221 and previous versions allows remote malicious users to execute arbitrary SQL commands via the transactions_offset parameter.
Brain Book Software Adman
1 EDB exploit
NA
CVE-2006-1375
AdMan 1.0.20051221 and previous versions allows remote malicious users to obtain the full path via (1) a blank campaignId parameter to editCampaign.php and (2) a blank schemeId parameter to viewPricingScheme.php.
Brain Book Software Adman
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »