EUVD-2009-3475

Malware in sbrugna...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Zenas PaoBacheca Guestbook 2.1 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 scrivi.php and 2 index.php...

CVE-2009-3493

Multiple cross-site scripting XSS vulnerabilities in Zenas PaoBacheca Guestbook 2.1 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 scrivi.php and 2 index.php...

CVE-2009-3493

Multiple cross-site scripting XSS vulnerabilities in Zenas PaoBacheca Guestbook 2.1 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 scrivi.php and 2 index.php...

CVE-2009-3493

The CVE-2009-3493 issue affects the Zenas PaoBacheca Guestbook 2.1, with multiple XSS vulnerabilities exploitable via PATH_INFO to scrivi.php and index.php. The root cause is improper handling of PATH_INFO that allows injection of arbitrary web script or HTML. Impact described in sources indicate...

Authentication flaw

login.php in Zenas PaoBacheca Guestbook 2.1, when registerglobals is enabled, allows remote attackers to bypass authentication and gain administrative access by setting the loginok parameter to 1...

CVE-2009-3421

CVE-2009-3421 affects Zenas PaoBacheca Guestbook 2.1. The vulnerability is in login.php and arises when PHP register_globals is enabled. An attacker can bypass authentication and gain administrative access by setting the login_ok parameter to 1. The NVD notes a high-severity impact (confidentiali...

CVE-2009-3421

login.php in Zenas PaoBacheca Guestbook 2.1, when registerglobals is enabled, allows remote attackers to bypass authentication and gain administrative access by setting the loginok parameter to 1...

PT-2009-5715 · Zenas · Zenas Paobacheca Guestbook

Name of the Vulnerable Software and Affected Versions: Zenas PaoBacheca Guestbook version 2.1 Description: The issue allows remote attackers to bypass authentication and gain administrative access. This is achieved by setting the login ok parameter to 1 when register globals is enabled...

PaoBacheca 2.1 - scrivi.php URI Cross-Site Scripting

PaoBacheca 2.1 - scrivi.php URI Cross-Site Scripting source: https://www.securityfocus.com/bid/42423/info PaoBacheca is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary scri...

PaoBacheca 2.1 - index.php URI Cross-Site Scripting

PaoBacheca 2.1 - index.php URI Cross-Site Scripting source: https://www.securityfocus.com/bid/42423/info PaoBacheca is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary scrip...

PaoBacheca 2.1 - 'scrivi.php' URI Cross-Site Scripting

source: https://www.securityfocus.com/bid/42423/info PaoBacheca is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

PaoBacheca 2.1 - 'index.php' URI Cross-Site Scripting

source: https://www.securityfocus.com/bid/42423/info PaoBacheca is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

PaoBacheca Guestbook 2.1 Authentication Bypass

PaoBacheca Guestbook 2.1 loginok Authentication Bypass Vulnerability + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org download : http://zenas.org/paobacheca/download/scarica.html + Authentication Bypass Vulnerability - Notes : registerglobals = on - PoC :...

PaoBacheca Guestbook 2.1 (login_ok) Auth Bypass Vulnerability

Exploit for unknown platform in category web applications ============================================================= PaoBacheca Guestbook 2.1 loginok Auth Bypass Vulnerability ============================================================= + PaoBacheca Guestbook 2.1 loginok Authentication Bypass...

PaoBacheca Guestbook 2.1 (login_ok) Auth Bypass Vulnerability

No description provided by source. + PaoBacheca Guestbook 2.1 loginok Authentication Bypass Vulnerability + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org download : http://zenas.org/paobacheca/download/scarica.html + Authentication Bypass Vulnerability - Notes :...

PaoBacheca Guestbook 2.1 - login_ok Authentication Bypass

PaoBacheca Guestbook 2.1 - loginok Authentication Bypass + PaoBacheca Guestbook 2.1 loginok Authentication Bypass Vulnerability + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org download : http://zenas.org/paobacheca/download/scarica.html + Authentication Bypass Vulnerability...

PaoBacheca Guestbook 2.1 - 'login_ok' Authentication Bypass

PaoBacheca Guestbook 2.1 loginok Authentication Bypass Vulnerability + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org download : http://zenas.org/paobacheca/download/scarica.html + Authentication Bypass Vulnerability - Notes : registerglobals = on - PoC :...