Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
guestbook vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-5804
PHP remote file inclusion vulnerability in admin.php in Advanced Guestbook 2.3.1 allows remote malicious users to execute arbitrary PHP code via a URL in the include_path parameter.
Advanced Guestbook Advanced Guestbook 2.3.1
NA
CVE-2007-0530
Multiple PHP remote file inclusion vulnerabilities in Advanced Guestbook 2.4.2 allow remote malicious users to execute arbitrary PHP code via a URL in the include_path parameter to (1) index.php, (2) addentry.php, or (3) picture.php, a different set of vectors than CVE-2006-5804....
Advanced Guestbook Advanced Guestbook 2.4.2
NA
CVE-2005-1548
SQL injection vulnerability in index.php in Advanced Guestbook 2.3.1 allows remote malicious users to execute arbitrary SQL commands via the entry parameter.
Advanced Guestbook Advanced Guestbook 2.3.1
1 EDB exploit
NA
CVE-2007-0608
Advanced Guestbook 2.4.2 allows remote malicious users to obtain sensitive information via an invalid (1) GB_TBL parameter to (a) lang/codes-english.php or (b) image.php, which reveal the database name; (2) an invalid GB_DB parameter to index.php, coupled with a ../index lang coo...
Advanced Guestbook Advanced Guestbook 2.4.2
NA
CVE-2007-0609
Directory traversal vulnerability in Advanced Guestbook 2.4.2 allows remote malicious users to bypass .htaccess settings, and execute arbitrary PHP local files or read arbitrary local templates, via a .. (dot dot) in a lang cookie, followed by a filename without its .php extensio...
Advanced Guestbook Advanced Guestbook 2.4.2
1 EDB exploit
6.1
CVSSv3
CVE-2021-24980
The Gwolle Guestbook WordPress plugin prior to 4.2.0 does not sanitise and escape the gwolle_gb_user_email parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue in an admin page
Gwolle Guestbook Project Gwolle Guestbook
NA
CVE-2004-1952
SQL injection vulnerability in Advanced Guestbook 2.2 allows remote malicious users to execute arbitrary SQL commands and gain privileges via the password.
Advanced Guestbook Advanced Guestbook 2.2
1 EDB exploit
NA
CVE-2002-0457
Cross-site scripting vulnerability in signgbook.php for BG GuestBook 1.0 allows remote malicious users to execute arbitrary Javascript via encoded tags such as <, >, and & in fields such as (1) name, (2) email, (3) AIM screen name, (4) website, (5) location,...
Bg Guestbook Bg Guestbook 1.0
NA
CVE-2012-5296
Multiple cross-site scripting (XSS) vulnerabilities in Mavili Guestbook, as released in November 2007, allow remote malicious users to inject arbitrary web script or HTML via the id parameter to (1) approve.asp, (2) delete.asp, (3) edit.asp, or (4) edit2.asp.
Mavili Guestbook Project Mavili Guestbook -
NA
CVE-2012-5297
SQL injection vulnerability in edit.asp in Mavili Guestbook, as released in November 2007, allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Mavili Guestbook Project Mavili Guestbook -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »