Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
book vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2005-3037
Cross-site scripting (XSS) vulnerability in Handy Address Book Server 1.1 allows remote malicious users to inject arbitrary web script or HTML via the SEARCHTEXT parameter in a demos URL.
Handy Address Book Handy Address Book Server 1.1
668
VMScore
CVE-2005-0284
SQL injection vulnerability in addentry.php in Woltlab Burning Book 1.0 Gold, 1.1.1e, and possibly other versions, allows remote malicious users to execute arbitrary SQL commands via the user-agent parameter.
Woltlab Burning Book 1.0 Gold
Woltlab Burning Book 1.1.1e
435
VMScore
CVE-2004-1867
Cross-site scripting (XSS) vulnerability in guest.cgi in Fresh Guest Book allows remote malicious users to inject arbitrary web script or HTML via the Name field.
Web Fresh Fresh Guest Book 1.0
Web Fresh Fresh Guest Book 2.0
Web Fresh Fresh Guest Book 2.1
1 EDB exploit
312
VMScore
CVE-2022-1644
The Call&Book Mobile Bar WordPress plugin up to and including 1.2.2 does not sanitize and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed.
Call\\&book Mobile Bar Project Call\\&book Mobile Bar
505
VMScore
CVE-2012-1670
admin/index.php in PHP Grade Book prior to 1.9.5 BETA allows remote malicious users to read the database via a SaveSQL action.
Phpgradebook Php Grade Book
Phpgradebook Php Grade Book 1.9.3
1 EDB exploit
445
VMScore
CVE-2018-13491
The mintToken function of a smart contract implementation for Carrot, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
Carrot Cartoon Book Coin Project Carrot Cartoon Book Coin -
685
VMScore
CVE-2009-2608
Multiple SQL injection vulnerabilities in PHP Address Book 4.0.x allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter to delete.php or (2) alphabet parameter to index.php. NOTE: the edit.php and view.php vectors are already covered by CVE-2008-2...
Chatelao Php Address Book 4.0.1
Chatelao Php Address Book 4.0.2
1 EDB exploit
NA
CVE-2022-45215
A cross-site scripting (XSS) vulnerability in Book Store Management System v1.0.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter under the Add New System User module.
Book Store Management System Project Book Store Management System 1.0
NA
CVE-2022-45217
A cross-site scripting (XSS) vulnerability in Book Store Management System v1.0.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Level parameter under the Add New System User module.
Book Store Management System Project Book Store Management System 1.0.0
NA
CVE-2022-45225
Book Store Management System v1.0 exists to contain a cross-site scripting (XSS) vulnerability in /bsms_ci/index.php/book. This vulnerability allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the book_title parameter.
Book Store Management System Project Book Store Management System 1.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »