3 matches found
CVE-2005-4649
Multiple cross-site scripting XSS vulnerabilities in Advanced Guestbook 2.2 and 2.3.1 allow remote attackers to inject arbitrary web script or HTML via 1 the entry parameter in index.php and 2 the gbid parameter in comment.php. NOTE: The index.php/entry vector might be resultant from CVE-2005-154...
CVE-2005-1548
CVE-2005-1548 is an SQL injection vulnerability in the index.php of Advanced Guestbook 2.3.1 . The flaw occurs in the entry parameter , allowing remote attackers to execute arbitrary SQL commands. The underlying issue is an input validation flaw that fails to sanitize user input before database i...
Advanced Guestbook index.php entry Parameter SQL Injection
The remote host is running Advanced Guestbook - a guestbook written in PHP. The remote version of this software contains an input validation flaw leading to a SQL injection vulnerability. An attacker may exploit this flaw to execute arbitrary commands against the remote database. %NASLMINLEVEL...