22 matches found
EUVD-2002-0724
Malware in sbrugna...
EUVD-2003-1231
Malware in sbrugna...
EUVD-2005-2163
Malware in sbrugna...
MyGuestbook 1.0 Script Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4651/info MyGuestbook is freely available guestbook software. It will run on most Unix and Linux variants, as well as Microsoft Windows operating systems. MyGuestbook does not adequately filter script code from various...
MyGuestbook 0.6.1 Form.Inc.PHP3 Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14155/info MyGuestbook is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...
CVE-2003-1241
CVE-2003-1241 describes an XSS flaw in MyGuestbook 3.0 affecting (1) admin_index.php, (2) admin_pass.php, (3) admin_modif.php, and (4) admin_suppr.php. The vulnerability allows remote attackers to execute arbitrary PHP code by tweaking the location parameter to reference a URL on a remote server ...
CVE-2003-1241
Cross-site scripting vulnerability XSS in 1 adminindex.php, 2 adminpass.php, 3 adminmodif.php, and 4 adminsuppr.php in MyGuestbook 3.0 allows remote attackers to execute arbitrary PHP code by modifying the location parameter to reference a URL on a remote web server that contains file.php via...
Remote File Inclusion in MyGuestbook
Remote File Inclusion in MyGuestbook Date: 10/07/2005 Severity: High version: 0.6.1 The bug reside in form.inc.php3 The Vulnerable Code if $show 1 include "form.inc.php3"; Exploit : http://server/Guestbook/form.inc.ph...cmd.gif?&cmd=id Discovery by RoDheDoR L-G-H Team http://www.lezr.com Best...
myguestbook_advisory.txt
=========================================================== ============================================================ Title: MyGuestbook Remote File Inclusion. Vulnerability Discovery: SoulBlack - Security Research - http://soulblack.com.ar Date: 05/07/2005 Severity: High. Remote Users Can...
CVE-2005-2162
The CVE-2005-2162 entry describes a PHP remote file inclusion vulnerability in the MyGuestbook 0.6.1 package, specifically in form.inc.php3, where the lang parameter can be exploited to execute arbitrary PHP code on the server. The connected documents confirm the affected product and vulnerabilit...
CVE-2005-2162
PHP remote file inclusion vulnerability in form.inc.php3 in MyGuestbook 0.6.1 allows remote attackers to execute arbitrary PHP code via the lang parameter...
CVE-2005-2162
PHP remote file inclusion vulnerability in form.inc.php3 in MyGuestbook 0.6.1 allows remote attackers to execute arbitrary PHP code via the lang parameter...
MyGuestbook 0.6.1 - Form.Inc.php3 Remote File Inclusion
MyGuestbook 0.6.1 - Form.Inc.php3 Remote File Inclusion source: https://www.securityfocus.com/bid/14155/info MyGuestbook is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue...
MyGuestbook 0.6.1 - 'Form.Inc.php3' Remote File Inclusion
source: https://www.securityfocus.com/bid/14155/info MyGuestbook is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary server-side script code on an...
CVE-2003-1241
Cross-site scripting vulnerability XSS in 1 adminindex.php, 2 adminpass.php, 3 adminmodif.php, and 4 adminsuppr.php in MyGuestbook 3.0 allows remote attackers to execute arbitrary PHP code by modifying the location parameter to reference a URL on a remote web server that contains file.php via...
Myguestbook (PHP)
Informations : °°°°°°°°°°°°°° Version : 3.0 Website : http://www.tefonline.net/ Problems : - XSS - admin infos recovery - Access to admin pages PHP Code/Location : °°°°°°°°°°°°°°°°°°° If pseudo = SCRIPT, e-mail = SCRIPT or message = /textareaSCRIPT SCRIPT will be executed on index.php,...
CVE-2002-0732
Cross-site scripting vulnerability in MyGuestbook 1.0 allows remote attackers to execute arbitrary script or inject HTML via fields such as 1 user name or 2 comments...
CVE-2002-0732
CVE-2002-0732 is a cross-site scripting vulnerability in MyGuestbook 1.0. The issue enables remote attackers to execute arbitrary script or inject HTML via fields such as user name and comments due to insufficient input validation. Affected: MyGuestbook 1.0 (version 1.0). Impact is remote script ...
CVE-2002-0732
Cross-site scripting vulnerability in MyGuestbook 1.0 allows remote attackers to execute arbitrary script or inject HTML via fields such as 1 user name or 2 comments...
Levcgi.coms MyGuestbook JavaScript Injection Vulnerability
| | | | | | | | | | | | | | | | | | || | | | | http://rawt.daemon.sh | | | | | | | | | | | | | | | || || || || || || || Levcgi.coms MyGuestbook JavaScript Injection Vulnerability Discovered By BrainRawt [email protected] About MyGuestbook: ------------------ Highly customizable guestbook that...