3 matches found
EUVD-2002-0488
Malware in sbrugna...
Alguest 1.1 - start SQL Injection
Alguest 1.1 - start SQL Injection source: https://www.securityfocus.com/bid/45214/info Alguest is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...
CVE-2002-0491
admin.php in AlGuest 1.0 guestbook checks for the existence of the admin cookie to authenticate the AlGuest administrator, which allows remote attackers to bypass the authentication and gain privileges by setting the admin cookie to an arbitrary value...