EUVD-2018-21933

MGB OpenSource Guestbook 0.7.0.2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to email.php with crafted SQL payloads in the 'id' parameter to...

CVE-2018-25411 MGB OpenSource Guestbook 0.7.0.2 SQL Injection via email.php

MGB OpenSource Guestbook 0.7.0.2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to email.php with crafted SQL payloads in the 'id' parameter to...

CVE-1999-0467

The Webcom CGI Guestbook programs wguest.exe and rguest.exe allow a remote attacker to read arbitrary files using the "template" parameter...

JLex GuestBook 跨站脚本漏洞

JLex GuestBook is a visitor message board component of JLexArt open source. A cross-site scripting vulnerability exists in JLex GuestBook version 1.6.4, which stems from the presence of reflective cross-site scripting in the q URL parameter, which could lead to the injection of malicious script...

EUVD-2006-2768

Malware in sbrugna...

EUVD-2007-0920

Malware in sbrugna...

EUVD-2002-1476

Malware in sbrugna...

EUVD-2006-0864

Malware in sbrugna...

EUVD-2009-4414

Malware in sbrugna...

EUVD-2003-0473

Malware in sbrugna...

EUVD-2006-0479

Malware in sbrugna...

EUVD-2006-2770

Malware in sbrugna...

EUVD-2006-3613

Malware in sbrugna...

CVE-2025-57263

An authenticated SQL injection vulnerability in VX Guestbook 1.07 allows attackers with admin access to inject malicious SQL payloads via the "word" POST parameter in the words.php admin panel...

CVE-2005-4880

Jax Guestbook 3.1 and 3.31 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain IP addresses of users via a direct request to 1 guestbook, 2 guestbookips2block, 3 ips2block, and 4 formmailer/logfile.csv...

JFinalCMS Cross-Site Scripting Vulnerability

JFinalCMS is a content management system by heyewei personal developer. A cross-site scripting vulnerability exists in JFinalCMS version 5.0.0, which originates from cross-site scripting via the /gusetbook/save mobile parameter, allowing remote attackers to inject arbitrary web script or HTML...

168house.com XSS vulnerability

Open Bug Bounty ID: OBB-651909 Description| Value ---|--- Affected Website:| 168house.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

CVE-2014-1944

Cross-site scripting XSS vulnerability in Ilch CMS 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the text parameter to index.php/guestbook/index/newentry...

Unfixed XSS vulnerability at www.adigeya.com

Security researcher Sony, has submitted on 22/07/2010 a cross-site-scripting XSS vulnerability affecting www.adigeya.com, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/12/2011. It is currently...

CVE-2008-6475

SQL injection vulnerability in the guestbook component components/guestbook/guestbook.php in Drake CMS 0.4.11 and earlier allows remote attackers to execute arbitrary SQL commands via the Via HTTP header HTTPVIA to index.php...