Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
guestbook vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-2648
FlashDen Guestbook allows remote malicious users to obtain configuration information via a direct request to amfphp/phpinfo.php, which calls the phpinfo function.
Flashden Guestbook
9.8
CVSSv3
CVE-2014-125053
A vulnerability was found in Piwigo-Guest-Book up to 1.3.0. It has been declared as critical. This vulnerability affects unknown code of the file include/guestbook.inc.php of the component Navigation Bar. The manipulation of the argument start leads to sql injection. Upgrading to...
Piwigo Guestbook
NA
CVE-2015-0871
Cross-site scripting (XSS) vulnerability in Mrs. Shiromuku Perl CGI shiromuku(u1)GUESTBOOK 1.62 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Shiromuku Guestbook
NA
CVE-2008-3320
admin/index.php in Maian Guestbook 3.2 and previous versions allows remote malicious users to bypass authentication and gain administrative access by sending an arbitrary gbook_cookie cookie.
Maian Guestbook
1 EDB exploit
NA
CVE-2007-4937
CS Guestbook stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain the admin name and MD5 password hash via a direct request for base/usr/0.php.
Comscripts Cs Guestbook
1 EDB exploit
NA
CVE-2010-4358
Multiple cross-site scripting (XSS) vulnerabilities in gb.cgi in MRCGIGUY (MCG) Guestbook 1.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) name, (2) email, (3) website, and (4) message parameters.
Mrcgiguy Guestbook 1.0
NA
CVE-2007-1486
PHP remote file inclusion vulnerability in template.class.php in Carbonize Lazarus Guestbook prior to 1.7.3 allows remote malicious users to execute arbitrary PHP code via a URL in the include_path parameter to admin.php, probably due to a dynamic variable evaluation vulnerabilit...
Carbonize Lazarus Guestbook
NA
CVE-2006-2158
Dynamic variable evaluation vulnerability in index.php in Stadtaus Guestbook Script 1.7 and previous versions, when register_globals is enabled, allows remote malicious users to modify arbitrary program variables via parameters, which are evaluated as PHP variable variables, as d...
Stadtaus Guestbook Script
NA
CVE-2009-2440
Cross-site scripting (XSS) vulnerability in index.php in JNM Guestbook 3.0 allows remote malicious users to inject arbitrary web script or HTML via the page parameter.
Jnmsolutions Guestbook 3.0
1 EDB exploit
NA
CVE-2003-1534
Cross-site scripting (XSS) vulnerability in jgb.php3 in Justice Guestbook 1.3 allows remote malicious users to inject arbitrary web script or HTML via the (1) name, (2) homepage, (3) aim, (4) yim, (5) location, and (6) comment variables.
Justice Media Guestbook
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »