Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
guestbook vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2006-2772
Cross-site scripting (XSS) vulnerability in add.asp in Hogstorps hogstorp guestbook 2.0 allows remote malicious users to inject arbitrary web script or HTML via the (1) name, (2) email, and (3) headline parameters. NOTE: the provenance of this information is unknown; the details ...
Hogstorps Hogstorp Guestbook 2.0
7.5
CVSSv2
CVE-2004-1554
PHP remote file inclusion vulnerability in livre_include.php in @lex Guestbook allows remote malicious users to execute arbitrary PHP code by modifying the chem_absolu parameter to reference a URL on a remote web server that contains the code.
Alexphpteam Alex Guestbook 3.12
1 EDB exploit
6.8
CVSSv2
CVE-2006-6278
Cross-site scripting (XSS) vulnerability in index.php in @lex Guestbook 4.0.1 allows remote malicious users to inject arbitrary web script or HTML via the skin parameter.
Alexphpteam Alex Guestbook 4.0.1
5
CVSSv2
CVE-2006-6279
index.php in @lex Guestbook 4.0.1 allows remote malicious users to obtain sensitive information via a skin parameter referencing a nonexistent skin, which reveals the installation path in an error message.
Alexphpteam Alex Guestbook 4.0.1
4.3
CVSSv2
CVE-2003-1556
Cross-site scripting (XSS) vulnerability in cc_guestbook.pl in CGI City CC GuestBook allows remote malicious users to inject arbitrary web script or HTML via the (1) name and (2) homepage_title (webpage title) parameters.
Cgi City Cc Guestbook
5
CVSSv2
CVE-2005-3517
Chipmunk Scripts Guestbook allows remote malicious users to obtain the installation path of the script via a URL that causes an error message to be displayed, such as a URL that contains a single quote (') in the start parameter of index.php.
Chipmunk Scripts Chipmunk Guestbook
5
CVSSv2
CVE-2003-1535
Justice Guestbook 1.3 allows remote malicious users to obtain the full installation path via a direct request to cfooter.php3, which leaks the path in an error message.
Justice Media Guestbook 1.3
1 EDB exploit
5
CVSSv2
CVE-2009-0498
Virtual GuestBook (vgbook) 2.1 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file via a direct request to guestbook.mdb.
Minitdesign Virtual Guestbook 2.1
1 EDB exploit
4.3
CVSSv2
CVE-2005-4597
Cross-site scripting (XSS) vulnerability in index.php in iPei Guestbook 1.7 allows remote malicious users to inject arbitrary web script or HTML via the email parameter, as used by the email field, when signing a guestbook.
Epistream Ipei Guestbook 1.7
7.5
CVSSv2
CVE-2006-4007
PHP remote file inclusion vulnerability in index.php in Knusperleicht Guestbook 3.5 allows remote malicious users to execute arbitrary PHP code via a URL in the GB_PATH parameter.
Knusperleicht Knusperleicht Guestbook 3.5
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »