Published: 11/08/2009 Updated: 29/09/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Subscribe to Free Simple Guestbook Php Script

Static code injection vulnerability in Sanus|artificium (aka Sanusart) Free simple guestbook PHP script, when downloaded prior to 20081111, allows remote malicious users to inject arbitrary PHP code into messages.txt via the message parameter to act.php, which is executed when guestbook/guestbook.php is accessed. NOTE: some of these details are obtained from third party information.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sansuart free simple guestbook php script

_____ ____ __ __ _ ____ ____ ____ |_ _| | _ \ \ \ / / / \ / ___| / ___| / ___| | | | |_) | \ V / / _ \ | | _ | | | | | | | _ < | | / ___ \ | |_| | _ | |___ | |___ |_| |_| \_\ |_| /_/ \_\ \____| (_) \____| \____| ...

CWE-94 http://secunia.com/advisories/32643 http://www.sanusart.com/news.php http://www.vupen.com/english/advisories/2008/3095 http://osvdb.org/49703 http://www.securityfocus.com/bid/32240 https://exchange.xforce.ibmcloud.com/vulnerabilities/46526 https://www.exploit-db.com/exploits/7079 https://nvd.nist.gov https://www.exploit-db.com/exploits/7079/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-6934

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect