Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
guestbook vulnerabilities and exploits
(subscribe to this query)
685
VMScore
CVE-2007-5821
Multiple directory traversal vulnerabilities in DM Guestbook 0.4.1 and previous versions allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in (1) the lng parameter to (a) guestbook.php, (b) admin/admin.guestbook.php, or (c) auto/glob_new...
Dm Guestbook Dm Guestbook
1 EDB exploit
515
VMScore
CVE-2006-4788
PHP remote file inclusion vulnerability in includes/log.inc.php in Telekorn SignKorn Guestbook (SL) 1.3 and previous versions, when register_globals is enabled and _SESSION[permission] parameter is set to "yes", allows remote malicious users to execute arbitrary PHP cod...
Telekorn Signkorn Guestbook
Telekorn Signkorn Guestbook 1.1
Telekorn Signkorn Guestbook 1.2
1 EDB exploit
615
VMScore
CVE-2006-4889
Multiple PHP remote file inclusion vulnerabilities in Telekorn SignKorn Guestbook (SL) 1.3 and previous versions, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the dir_path parameter in (1) index.php, (2) includes/functi...
Telekorn Signkorn Guestbook
Telekorn Signkorn Guestbook 1.1
Telekorn Signkorn Guestbook 1.2
21 EDB exploits
435
VMScore
CVE-2007-0605
Cross-site scripting (XSS) vulnerability in picture.php in Advanced Guestbook 2.4.2 allows remote malicious users to inject arbitrary web script or HTML via the picture parameter.
Advanced Guestbook Advanced Guestbook 2.4.2
1 EDB exploit
383
VMScore
CVE-2009-2224
Directory traversal vulnerability in ang/shared/flags.php in AN Guestbook 0.7.8, when register_globals is enabled, allows remote malicious users to read arbitrary files via a .. (dot dot) in the g_lang parameter.
An Guestbook An Guestbook 0.7.8
435
VMScore
CVE-2007-1479
Cross-site scripting (XSS) vulnerability in Guestbook.php in Creative Guestbook 1.0 allows remote malicious users to inject arbitrary web script or HTML via an unspecified parameter.
Creative Guestbook Creative Guestbook 1.0
1 EDB exploit
515
VMScore
CVE-2006-6487
Cross-site scripting (XSS) vulnerability in index.php in DT Guestbook (dt_guestbook) 1.0f, when register_globals is enabled, allows remote malicious users to inject arbitrary web script or HTML via the error[] parameter.
Dt Guestbook Dt Guestbook 1.0f
1 EDB exploit
445
VMScore
CVE-2012-5298
Mavili Guestbook, as released in November 2007, stores guestbook.mdb under the web root with insufficient access control, which allows remote malicious users to read the database via a direct request.
Mavili Guestbook Project Mavili Guestbook -
685
VMScore
CVE-2015-8351
PHP remote file inclusion vulnerability in the Gwolle Guestbook plugin prior to 1.5.4 for WordPress, when allow_url_include is enabled, allows remote authenticated users to execute arbitrary PHP code via a URL in the abspath parameter to frontend/captcha/ajaxresponse.php. NOTE: t...
Gwolle Guestbook Project Gwolle Guestbook
1 EDB exploit
231
VMScore
CVE-2006-3062
Cross-site scripting (XSS) vulnerability in index.php in myPHP Guestbook 2.0.4 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the lang parameter.
Myphp Guestbook Myphp Guestbook 2.0.4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »