CVE-2006-2772

Cross-site scripting XSS vulnerability in add.asp in Hogstorps hogstorp guestbook 2.0 allows remote attackers to inject arbitrary web script or HTML via the 1 name, 2 email, and 3 headline parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third...

Code injection

admin/radera/tabort.asp in Hogstorps hogstorp guestbook 2.0 does not verify user credentials, which allows remote attackers to delete arbitrary posts via a modified delID parameter...

CVE-2006-2771

admin/radera/tabort.asp in Hogstorps hogstorp guestbook 2.0 does not verify user credentials, which allows remote attackers to delete arbitrary posts via a modified delID parameter...

CVE-2006-2773

admin/redigera/redigera2.asp in Hogstorps hogstorp Guestbook 2.0 does not verify user credentials, which allows remote attackers to edit arbitrary posts via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2006-2773

admin/redigera/redigera2.asp in Hogstorps hogstorp Guestbook 2.0 does not verify user credentials, which allows remote attackers to edit arbitrary posts via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2006-2772

Cross-site scripting XSS vulnerability in add.asp in Hogstorps hogstorp guestbook 2.0 allows remote attackers to inject arbitrary web script or HTML via the 1 name, 2 email, and 3 headline parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third...

CVE-2006-2771

CVE-2006-2771 affects Hogstorps hogstorp guestbook 2.0. The vulnerability is in admin/radera/tabort.asp, which does not verify user credentials, allowing remote attackers to delete arbitrary posts by modifying the delID parameter. No further exploit specifics or remediation are provided in the co...