Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
guestbook vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2006-4325
Cross-site scripting (XSS) vulnerability in gbook.php in Doika guestbook 2.5, and possibly earlier, allows remote malicious users to inject arbitrary web script or HTML via the page parameter.
Doika Doika Guestbook
383
VMScore
CVE-2010-4358
Multiple cross-site scripting (XSS) vulnerabilities in gb.cgi in MRCGIGUY (MCG) Guestbook 1.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) name, (2) email, (3) website, and (4) message parameters.
Mrcgiguy Guestbook 1.0
505
VMScore
CVE-2007-1192
Thomas R. Pasawicz HyperBook Guestbook 1.30 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download an admin password hash via a direct request for data/gbconfiguration.dat.
Hyperbook Guestbook 1.30
1 EDB exploit
890
VMScore
CVE-2007-1486
PHP remote file inclusion vulnerability in template.class.php in Carbonize Lazarus Guestbook prior to 1.7.3 allows remote malicious users to execute arbitrary PHP code via a URL in the include_path parameter to admin.php, probably due to a dynamic variable evaluation vulnerabilit...
Carbonize Lazarus Guestbook
383
VMScore
CVE-2006-3852
Cross-site scripting (XSS) vulnerability in index.php in Micro GuestBook allows remote malicious users to execute arbitrary SQL commands via the (1) name or (2) comment ("text") fields.
Phptoys Micro Guestbook
505
VMScore
CVE-2009-4760
Winn ASP Guestbook 1.01 Beta stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for data/guestbook.mdb.
Winn Asp Guestbook 1.01
1 EDB exploit
605
VMScore
CVE-2002-1729
Cross-site scripting vulnerability (XSS) in ASPjar Guestbook 1.00 allows remote malicious users to execute arbitrary script as other users via the "web site" parameter in a guestbook message.
Aspjar Aspjar Guestbook 1.0
445
VMScore
CVE-2002-1730
ASPjar Guestbook 1.00 allows remote malicious users to delete arbitrary messages accessing the delete.asp administrative script with certain cookie values set to "true".
Aspjar Aspjar Guestbook 1.0
755
VMScore
CVE-2007-1933
Multiple directory traversal vulnerabilities in PcP-Guestbook (PcP-Book) 3.0 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lang parameter to (1) index.php, (2) gb.php, or (3) faq.php.
Dreamcodes Pcp-guestbook 3.0
1 EDB exploit
383
VMScore
CVE-2006-2757
Cross-site scripting (XSS) vulnerability in Chipmunk guestbook allows remote malicious users to inject arbitrary web script or HTML via the (1) start parameter in (a) index.php; (2) forumID parameter in index.php, (b) newtopic.php, and (c) reply.php; and (3) ID parameter to (d) e...
Chipmunk Scripts Chipmunk Guestbook
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »