Lucene search
K

6 matches found

NVD
NVD
added 2006/06/02 10:18 a.m.17 views

CVE-2006-2773

admin/redigera/redigera2.asp in Hogstorps hogstorp Guestbook 2.0 does not verify user credentials, which allows remote attackers to edit arbitrary posts via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

6.4CVSS6.5AI score0.01595EPSS
Exploits1References3
Prion
Prion
added 2006/06/02 10:18 a.m.18 views

Code injection

admin/radera/tabort.asp in Hogstorps hogstorp guestbook 2.0 does not verify user credentials, which allows remote attackers to delete arbitrary posts via a modified delID parameter...

6.4CVSS7.2AI score0.02509EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2006/06/02 10:18 a.m.10 views

CVE-2006-2771

admin/radera/tabort.asp in Hogstorps hogstorp guestbook 2.0 does not verify user credentials, which allows remote attackers to delete arbitrary posts via a modified delID parameter...

6.4CVSS6.7AI score0.02509EPSS
Exploits1References5
NVD
NVD
added 2006/06/02 10:18 a.m.15 views

CVE-2006-2772

Cross-site scripting XSS vulnerability in add.asp in Hogstorps hogstorp guestbook 2.0 allows remote attackers to inject arbitrary web script or HTML via the 1 name, 2 email, and 3 headline parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third...

6.8CVSS5.6AI score0.01439EPSS
Exploits1References4
Cvelist
Cvelist
added 2006/06/02 10:0 a.m.23 views

CVE-2006-2773

admin/redigera/redigera2.asp in Hogstorps hogstorp Guestbook 2.0 does not verify user credentials, which allows remote attackers to edit arbitrary posts via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

6.5AI score0.01595EPSS
Exploits1References3
Cvelist
Cvelist
added 2006/06/02 10:0 a.m.24 views

CVE-2006-2772

Cross-site scripting XSS vulnerability in add.asp in Hogstorps hogstorp guestbook 2.0 allows remote attackers to inject arbitrary web script or HTML via the 1 name, 2 email, and 3 headline parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third...

5.6AI score0.01439EPSS
Exploits1References4
Rows per page
Query Builder