Telekorn Signkorn Guestbook 1.x - includesfunctions.admin.php?dir_path Remote File Inclusion

Telekorn Signkorn Guestbook 1.x - includesfunctions.admin.php?dirpath Remote File Inclusion source: https://www.securityfocus.com/bid/19977/info Telekorn Signkorn Guestbook is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. This...

CVE-2006-3063

Multiple cross-site scripting XSS vulnerabilities in myPHP Guestbook 1.x through 2.0.0-r1 and before 2.0.1 RC5 allow remote attackers to inject arbitrary web script or HTML via the 1 comment, 2 email, 3 homepage, 4 id, 5 name, and 6 text parameters in a index.php, the 7 comment, 8 email, 9...

[UNIX] MPM Guestbook Multiple Vulnerabilities (CSS, Path Disclosure)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

Justice Guestbook 1.3 vulnerabilities

=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::= topic: Justice Guestbook 1.3 vulnerabilities product: Justice Guestbook 1.3 vendor: http://www.justice-media.de risk: high date: 03/29/2k3 discovered by: euronymous /F0KP advisory urls: http://f0kp.iplus.ru/bz/017.en.txt...

Justice Guestbook 1.3 Multiple Vulnerabilities

The remote host is running Justice Guestbook. This set of CGI has two vulnerabilities : - It is vulnerable to cross-site scripting attacks in jgb.php3. - If the user requests the file cfooter.php3, he will obtain the physical path of the remote CGI. An attacker may use these flaws to steal the...

Beanwebb's Guestbook 1.0 Multiple Vulnerabilities

The remote host is running Beanwebb's Guestbook. This set of CGIs has two vulnerabilities : - Anyone can access the admin page admin.php - It is vulnerable to cross-site scripting attacks in add.php An attacker may use these flaws to steal the cookies of your users or to inject fake information i...

ftls.org Guestbook 1.1 Script Injection

ftls.org Guestbook 1.1 Script Injection Vulnerabilities Discovered By BrainRawt [email protected] About MyGuestbook: ------------------ Your basic guestbook that can be downloaded at http://www.ftls.org/en/examples/cgi/Guestbook.shtmls1. Vulnerable tested Versions: --------------------...

Easy Guestbook Vulnerabilities

AresU Advisory 19/July/2002 Easy Guestbook Vulnerabilities Severity : High Possible to edit member homepage Systems Affected: Easy Guestbook v1.0 Vendor URL : http://www.easyscripts.co.uk Vuln Type : It does not use Access Validation to delete the entries and login as Admin Control. Author : Ares...

Achims Guestbook, InertiaNews, Pollen, MyPhpChat, mcPass

Product 1 : Achims Guestbook 2.51 and less? http://www.lkcc.org:8500/index.php Problem : - Informations Disclosure Exploits : - /data/.dat e.g. : data.dat - /temp/.tmp e.g. : ip.tmp Product 2 : InertiaNews 0.02 beta http://www.brentc.com Problem : - Require; Exploit : -...

Several x-dev.de Guestbook and xNewsletter Vulnerabilities ( www.x-dev.de )

------------------------------------------------------------ itcp advisory 12 [email protected] http://www.it-checkpoint.net/advisory/12.html April 14th, 2002 - ------------------------------------------------------------ Several x-dev.de Guestbook and xNewsletter Vulnerabilities...