Vulmon
book vulnerabilities and exploits
6.8
CVSSv2
CVE-2006-3900
Cross-site scripting (XSS) vulnerability in guestbook.php in TP-Book 1.00 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the name parameter.
Tobias Kloy Tp-book
7.5
CVSSv2
CVE-2006-5509
Eval injection vulnerability in addentry.php in WoltLab Burning Book 1.1.2 allows remote malicious users to execute arbitrary PHP code via crafted POST requests that store PHP code in a database that is later processed by eval, as demonstrated using SQL injection via the n parame...
Woltlab Burning Book 1.1.2
1 EDB exploit
7.5
CVSSv2
CVE-2007-2000
Multiple SQL injection vulnerabilities in admin/admin.php in Crea-Book 1.0 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) pseudo or (2) passe parameter.
Raphael Limbach Crea-book
1 EDB exploit
4.3
CVSSv2
CVE-2002-2377
Cross-site scripting (XSS) vulnerability in addentry.cgi in ZAP 1.0.3 allows remote malicious users to inject arbitrary SSI directives, web script, and HTML via the entry field.
Sephiroth32 Zap Book 1.0.3
9.3
CVSSv2
CVE-2007-2919
Multiple stack-based buffer overflows in the FViewerLoading ActiveX control (FlipViewerX.dll) in E-Book Systems FlipViewer prior to 4.1 allow remote malicious users to cause a denial of service (crash) or execute arbitrary code via long (1) UID, (2) Opf, (3) PAGENO, (4) LaunchMod...
E-book Systems Flipviewer
1 EDB exploit
NA
CVE-2022-3856
The Comic Book Management System WordPress plugin prior to 2.2.0 does not sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Admin.
Inksplat Comic Book Management System
NA
CVE-2023-6440
A vulnerability was found in SourceCodester Book Borrower System 1.0 and classified as problematic. This issue affects some unknown processing of the file endpoint/add-book.php. The manipulation of the argument Book Title/Book Author leads to cross site scripting. The attack may ...
Remyandrade Book Borrower System 1.0
4.3
CVSSv2
CVE-2009-4869
Cross-site scripting (XSS) vulnerability in index.php in Nasim Guest Book 1.2 allows remote malicious users to inject arbitrary web script or HTML via the page parameter.
Hitronsoft Nasim Guest Book 1.2
1 EDB exploit
4.3
CVSSv2
CVE-2007-4021
Multiple cross-site scripting (XSS) vulnerabilities in login.php in Brain Book Software Secure 1.0.20070629 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) user and (2) pwd parameters.
Brain Book Software Software Secure
7.5
CVSSv2
CVE-2013-0135
Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow remote malicious users to execute arbitrary SQL commands via the id parameter to (1) addressbook/register/delete_user.php, (2) addressbook/register/edit_user.php, or (3) addressbook/register/edit_user_save.php...
Chatelao Php Address Book 8.2.5
11 EDB exploits
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732