12 matches found
EUVD-2006-2972
Malware in sbrugna...
CVE-2006-3618
SQL injection vulnerability in pblguestbook.php in Pixelated By Lev PBL Guestbook 1.32 and earlier allows remote attackers to execute arbitrary SQL commands via the 1 name, 2 email, 3 website, 4 comments, 5 rate, and 6 private parameters...
CVE-2006-3617
Cross-site scripting XSS vulnerability in pblguestbook.php in Pixelated By Lev PBL Guestbook 1.32 and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 name, 2 message aka comments, 3 website, and 4 email parameters, which bypasses XSS protection mechanisms that che...
CVE-2006-3618
CVE-2006-3618 affects Pixelated By Lev (PBL) Guestbook, versions 1.32 and earlier, via SQL injection in pblguestbook.php. The vulnerability allows remote attackers to execute arbitrary SQL commands through the (1) name, (2) email, (3) website, (4) comments, (5) rate, and (6) private parameters. T...
CVE-2006-3618
SQL injection vulnerability in pblguestbook.php in Pixelated By Lev PBL Guestbook 1.32 and earlier allows remote attackers to execute arbitrary SQL commands via the 1 name, 2 email, 3 website, 4 comments, 5 rate, and 6 private parameters...
CVE-2006-3617
The CVE-2006-3617 entry describes a Cross-site scripting (XSS) vulnerability in Pixelated By Lev (PBL) Guestbook, specifically pblguestbook.php, affecting PBL Guestbook 1.32 and earlier. The vulnerability allows remote attackers to inject arbitrary script or HTML via the name, message, website, a...
PBLGuestbook132.txt
/ -------------------------------------------------------- Neo Security Team NST? - Advisory 23 - 07/07/06 -------------------------------------------------------- Program: PBL Guestbook Homepage: www.pixelatedbylev.com Vulnerable Versions: 1.32 and lower. Risk: High! Impact: Critical Risk -==PBL...
PBL Guestbook <= 1.32 XSS & SQL Querys Vulnerabilities
/ -------------------------------------------------------- Neo Security Team NST? - Advisory 23 - 07/07/06 -------------------------------------------------------- Program: PBL Guestbook Homepage: www.pixelatedbylev.com Vulnerable Versions: 1.32 and lower. Risk: High! Impact: Critical Risk -==PBL...
CVE-2006-2975
Multiple cross-site scripting XSS vulnerabilities in pblguestbook.php in PBL Guestbook 1.31 allow remote attackers to inject arbitrary web script or HTML via javascript in the SRC attribute of IMG tags in the 1 name, 2 email, and 3 website parameter, which bypasses XSS protection mechanisms that...
CVE-2006-2975
Multiple cross-site scripting XSS vulnerabilities in pblguestbook.php in PBL Guestbook 1.31 allow remote attackers to inject arbitrary web script or HTML via javascript in the SRC attribute of IMG tags in the 1 name, 2 email, and 3 website parameter, which bypasses XSS protection mechanisms that...
CVE-2006-2975
CVE-2006-2975 affects PBL Guestbook 1.31 (pblguestbook.php). It describes multiple XSS vectors where an attacker can inject arbitrary script/HTML via javascript in the SRC attribute of IMG tags for the name, email, and website parameters. The scheme bypasses protections that only filter SCRIPT ta...
PBL Guestbook v1.31 - XSS
PBLGuestbook v1.31 Homepage: http://www.pixelatedbylev.com/ Effected files: input boxes of the guestbook. XSS Vulnerabilities PoC: I noticed that common tags like script are filtered into the words "SCRIPT BLOCKED" in this guestbook, however img tags as well as others go unfiltered in the Name,...