WX Guest Book 1.1.208 (SQL/XSS) Multiple Remote Vulnerabilities

No description provided by source. WX Guest Book 1.1.208 Vulns By xxHackerXzX hacker from nepal [email protected] Product name: WX Guestbook 1.1.208 Product vendor: http://www.ekin0x.com/r57.txt This product suffers from multiple SQLi and persistent XSS vuln. SQL Search Vuln The search...

CVE-2009-3328

WX-Guestbook 1.1.208 contains a cross-site scripting (XSS) flaw in sign.php, exploitable via the sName parameter (the name field). The vulnerability allows remote script or HTML injection. Root cause: insufficient input sanitization on sName leading to script execution in the browser context. Doc...

CVE-2009-3327

Multiple SQL injection vulnerabilities in WX-Guestbook 1.1.208 allow remote attackers to execute arbitrary SQL commands via the 1 QUERY parameter to search.php and 2 USERNAME parameter to login.php. NOTE: some of these details are obtained from third party information...

WX Guestbook 1.1.208 - SQL Injection Persistent Cross-Site Scripting

WX Guestbook 1.1.208 - SQL Injection Persistent Cross-Site Scripting WX Guest Book 1.1.208 Vulns By learn3r hacker from nepal [email protected] Product name: WX Guestbook 1.1.208 Product vendor: www.webilix.com This product suffers from multiple SQLi and persistent XSS vuln. SQL Search Vu...

WX Guest Book 1.1.208 SQL Injection / XSS

WX Guest Book 1.1.208 Vulns By learn3r hacker from nepal [email protected] Product name: WX Guestbook 1.1.208 Product vendor: www.webilix.com This product suffers from multiple SQLi and persistent XSS vuln. SQL Search Vuln The search parameters/queries we submit to the search.php are...

WX-Guestbook 1.1.208 - SQL Injection / HTML Injection

source: https://www.securityfocus.com/bid/41741/info WX-Guestbook is prone to multiple SQL-injection vulnerabilities and an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to compromise the application, access or...