CVE-2006-3900

The CVE-2006-3900 entry describes a Cross-site Scripting (XSS) vulnerability in TP-Book, affecting guestbook.php in version 1.00 and earlier. The issue arises via the name parameter, allowing remote attackers to inject arbitrary web script or HTML. The NVD CVSS vector (AV:N/AC:M/Au:N/C:P/I:P/A:P)...

CVE-2006-3063

The CVE-2006-3063 entry describes multiple cross-site scripting (XSS) vulnerabilities in myPHP Guestbook 1.x through 2.0.0-r1 and prior to 2.0.1 RC5. The flaw allows remote attackers to inject arbitrary script or HTML via user-supplied content in specific parameters across multiple pages: (a) ind...

CVE-2006-1398

Cross-site scripting XSS vulnerability in guestbook.php in G-Book 1.0 allows remote attackers to inject arbitrary web script or HTML via the gmessage parameter...

CVE-2006-1398

The CVE-2006-1398 entry describes a Cross-site scripting (XSS) vulnerability in G-Book 1.0, specifically in guestbook.php where the g_message parameter can be exploited by remote attackers to inject arbitrary web script or HTML. The vulnerability is caused by inadequate sanitization of input, all...

CVE-2006-1256

The CVE-2006-1256 entry corresponds to a cross-site scripting (XSS) vulnerability in Skull-Splitter’s PHP Guestbook (guestbook.php). Affected versions are 2.6 (and 2.7 per incident data) of Skull-Splitter’s PHP Guestbook. The root cause is improper sanitization of the url parameter, allowing remo...

Cross site scripting

Cross-site scripting XSS vulnerability in guestbook.php in my little homepage my little guestbook, as last modified in March 2004, allows remote attackers to inject arbitrary Javascript via a javascript URI in BBcode link tags...

CVE-2006-0472

The CVE-2006-0472 entry describes a Cross-site scripting (XSS) vulnerability in guestbook.php of "my little homepage my little guestbook" (last modified March 2004). The issue permits remote attackers to inject arbitrary JavaScript via a javascript: URI embedded in BBcode link tags. Connected rec...

CVE-2006-0472

Cross-site scripting XSS vulnerability in guestbook.php in my little homepage my little guestbook, as last modified in March 2004, allows remote attackers to inject arbitrary Javascript via a javascript URI in BBcode link tags...

CVE-2006-0078

CVE-2006-0078 affects B-net Software 1.0. The described vulnerability is multiple cross-site scripting (XSS) where an attacker can inject arbitrary script/HTML via (1) name and (2) shout to shout.php, or (3) title and (4) message to guestbook.php. The description specifies the affected 1.0 versio...

CVE-2006-0078

Multiple cross-site scripting XSS vulnerabilities in B-net Software 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 name and 2 shout variables to a shout.php, or the 3 title and 4 message variables to b guestbook.php...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in B-net Software 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 name and 2 shout variables to a shout.php, or the 3 title and 4 message variables to b guestbook.php...

CVE-2005-4478

Multiple SQL injection vulnerabilities in Papoo 2.1.2 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 menuid parameter to a index.php and b guestbook.php, and the 2 forumid and 3 reporeidprint parameters to c print.php...

CVE-2005-4478

Multiple SQL injection vulnerabilities in Papoo 2.1.2 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 menuid parameter to a index.php and b guestbook.php, and the 2 forumid and 3 reporeidprint parameters to c print.php...

NETonE PHPBook 1.4.6 - Guestbook.php Cross-Site Scripting

NETonE PHPBook 1.4.6 - Guestbook.php Cross-Site Scripting source: https://www.securityfocus.com/bid/14390/info NETonE PHPBook is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input to the 'admin' parameter of the 'guestbook.php'...

NETonE PHPBook 1.4.6 - 'Guestbook.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/14390/info NETonE PHPBook is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input to the 'admin' parameter of the 'guestbook.php' script. A successful exploit could allow an attacker to steal...

CVE-2005-1644

The CVE-2005-1644 entry documents a cross-site scripting (XSS) vulnerability in 1Two Livre d’Or 1.0’s guestbook.php. The vulnerability arises from unsanitized input through the parameters livreornom, livreoremail, and livreormessage, which allows remote attackers to inject arbitrary web script or...

CVE-2005-1644

Cross-site scripting XSS vulnerability in guestbook.php for 1Two Livre d'Or 1.0 allows remote attackers to inject arbitrary web script or HTML via the 1 livreornom, 2 livreoremail, or 3 livreormessage parameters...

CVE-2005-0786

CVE-2005-0786 is a SQL injection vulnerability in SimpGB where the quote parameter of guestbook.php is unsafely used in queries via gb_new.inc. The issue allows unauthenticated remote attackers to manipulate queries, reading or modifying data and potentially executing commands on the web server. ...

CVE-2005-0786

SQL injection vulnerability in gbnew.inc in SimpGB allows remote attackers to execute arbitrary SQL commands via the quote parameter to guestbook.php...

SimpGB guestbook.php quote Parameter SQL Injection

The remote host is running SimpGB, a web-based guestbook application written in PHP. The version of SimpGB installed on the remote host fails to sanitize user input to the 'quote' parameter of the 'guestbook.php' script before using it in SQL queries. An unauthenticated, remote attacker can...