32 matches found
EUVD-2009-4414
Malware in sbrugna...
EUVD-2006-1913
Malware in sbrugna...
EUVD-2005-4871
Malware in sbrugna...
EUVD-2005-4870
Malware in sbrugna...
CVE-2005-4880
Jax Guestbook 3.1 and 3.31 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain IP addresses of users via a direct request to 1 guestbook, 2 guestbookips2block, 3 ips2block, and 4 formmailer/logfile.csv...
Jax Guestbook 3.31/3.50 - 'jax_guestbook.php' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28523/info Jax Guestbook is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of a...
Jax Guestbook 3.50 Page Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17560/info Jax Guestbook is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browse...
Jax Guestbook admin bypass vulnerability
Exploit for php platform in category web applications ======================================== Jax Guestbook admin bypass vulnerability ======================================== Exploit Title: Jax Guestbook admin bypass vulnerability Date: 3.10.2010 Author: EraGoN Software...
CVE-2009-4447
Jax Guestbook 3.5.0 allows remote attackers to bypass authentication and modify administrator settings via a direct request to admin/guestbook.admin.php...
Authentication flaw
Jax Guestbook 3.5.0 allows remote attackers to bypass authentication and modify administrator settings via a direct request to admin/guestbook.admin.php...
CVE-2009-4447
CVE-2009-4447 affects Jax Guestbook 3.5.0. The vulnerability allows remote attackers to bypass authentication and modify administrator settings by sending a direct request to admin/guestbook.admin.php. The cited sources consistently describe an authentication bypass with the ability to alter admi...
CVE-2009-4447
Jax Guestbook 3.5.0 allows remote attackers to bypass authentication and modify administrator settings via a direct request to admin/guestbook.admin.php...
Jax Guestbook 3.50 Administrative Login Bypass
------------------------------------------- Jax Guestbook 3.50 Admin Login Exploit Description: Jax Guestbook 3.50 suffers a bug that will allow you to log in as the admin. Found by: Sora Contact: vhr95zw at hotmail.com Google Dork: "inurl:guestbook.admin.php?action=settings" We can access the...
Jax Guestbook 3.50 Admin Login Exploit
No description provided by source. Exploit Title: Jax Guestbook 3.50 Admin Login Exploit Date: December 23rd, 2009 Author: Sora Software Link: http://script.wareseeker.com/ASP-NET/jax-guestbook-3.50.zip/32956d53cf Version: 3.50 Tested on: Windows and Linux...
Jax Guestbook 3.50 - Admin Login
Jax Guestbook 3.50 - Admin Login Exploit Title: Jax Guestbook 3.50 Admin Login Exploit Date: December 23rd, 2009 Author: Sora Software Link: http://script.wareseeker.com/ASP-NET/jax-guestbook-3.50.zip/32956d53cf Version: 3.50 Tested on: Windows and Linux ------------------------------------------...
Jax Guestbook 3.50 Admin Login Exploit
Exploit for unknown platform in category web applications ====================================== Jax Guestbook 3.50 Admin Login Exploit ====================================== Exploit Title: Jax Guestbook 3.50 Admin Login Exploit Date: December 23rd, 2009 Author: Sora Software Link:...
Jax Guestbook 3.50 - Admin Login
Exploit Title: Jax Guestbook 3.50 Admin Login Exploit Date: December 23rd, 2009 Author: Sora Software Link: http://script.wareseeker.com/ASP-NET/jax-guestbook-3.50.zip/32956d53cf Version: 3.50 Tested on: Windows and Linux ------------------------------------------- Jax Guestbook 3.50 Admin Login...
CVE-2005-4879
Multiple cross-site scripting XSS vulnerabilities in jaxguestbook.php in Jax Guestbook 3.1 and 3.31 allow remote attackers to inject arbitrary web script or HTML via the 1 gmtofs and 2 language parameters. NOTE: the page parameter is already covered by CVE-2006-1913. NOTE: it was later reported...
CVE-2005-4880
Jax Guestbook 3.1 and 3.31 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain IP addresses of users via a direct request to 1 guestbook, 2 guestbookips2block, 3 ips2block, and 4 formmailer/logfile.csv...
CVE-2005-4879
The CVE-2005-4879 entry describes XSS vulnerabilities in the PHP script jax_guestbook.php of Jax Guestbook, affecting versions 3.1, 3.31, and 3.50. The weaknesses arise from unsanitized user input in parameters such as gmt_ofs and language (and page per related CVEs), allowing remote attackers to...