12 matches found
EUVD-2002-0545
Malware in sbrugna...
EUVD-2006-4112
Malware in sbrugna...
gBook 1.4 Administrative Access Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6033/info A vulnerability has been discovered in gBook v1.4. It has been reported that it is possible for an unauthorized attacker to gain administrative access to gBook by passing a malicious request to a php script...
Simple One File Guestbook 1.0 Security Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19437/info Simple one-file guestbook is prone to a security-bypass vulnerability. An attacker can bypass authentication measures by using a specific URL to delete all guestbook entries. Version 1.0 of Simple one-file...
CVE-2008-6934
Static code injection vulnerability in Sanus|artificium aka Sanusart Free simple guestbook PHP script, when downloaded before 20081111, allows remote attackers to inject arbitrary PHP code into messages.txt via the message parameter to act.php, which is executed when guestbook/guestbook.php is...
Fantastic Guestbook v2.0.1 Advisory
.:. Fantastic Guestbook v2.0.1 Advisory .:. Date of written Advisory: ------------------------- July, 11 2006 Product: -------- Fantastic Guestbook v2.0.1 Vendor: ------- http://fscripts.com/ Description: ------------ Fantastic GuestBook version 2.0.1 is simple GuestBook; where remote user withou...
CVE-2005-1685
episodex guestbook allows remote attackers to bypass authentication and edit scripts via a direct request to admin.asp...
Jason Maloney's Guestbook XSS Vulnerability.
Introduction Jason Maloney's Guestbook is a simple CGI script which is both an easy to use and easy to setup guestbook script. The script fails to carefully sanitize user input, such as certain dangerous metacharacters, resulting in an XSS vulnerability. The Bug During the user-input parsing...
TSguestbook 2.1 - 'Message' HTML Injection
source: https://www.securityfocus.com/bid/8520/info It has been reported that TSguestbook may be prone to HTML injection attacks. The problem is said to occur due to insufficient sanitization of user-supplied input within the 'message' field. As a result, an attacker may post a guestbook entry...
gBook 1.4 - Administrative Access
gBook 1.4 - Administrative Access source: https://www.securityfocus.com/bid/6033/info A vulnerability has been discovered in gBook v1.4. It has been reported that it is possible for an unauthorized attacker to gain administrative access to gBook by passing a malicious request to a php script...
Lycos HTMLGear - guestGear CSS HTML Injection
source: https://www.securityfocus.com/bid/5728/info Lycos htmlGEAR guestGEAR does not sanitize HTML from CSS Cascading Style-Sheets elements in guestbook fields. An attacker could capitalize on this situation to include arbitrary HTML and script code in a guestbook entries, which would be rendere...
webcom.cgi.guestbook.txt
Date: Fri, 9 Apr 1999 20:41:39 +0100 From: Mnemonix To: [email protected] Subject: Webcom's CGI Guestbook for Win32 web servers I reported a while back on Webcom's www.webcom.se CGI Guestbook wguest.exe and rguest.exe having a number of security problems where any text based file o...