23 matches found
EUVD-2005-2398
Malware in sbrugna...
EUVD-2006-0083
Malware in sbrugna...
EUVD-2011-3728
Malware in sbrugna...
PhpBook mail Parameter PHP Code Execution - Ver2 (CVE-2006-0075)
A code execution vulnerability has been reported in GNU phpBook. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
NETonE PHPBook 1.4.6 Guestbook.PHP Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14390/info NETonE PHPBook is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input to the 'admin' parameter of the 'guestbook.php' script. A successful exploi...
PHPBook 1.x Mail Field PHP Code Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16106/info phpBook is prone to a vulnerability that may let remote attackers inject arbitrary PHP code into the application. This code may then be executed by visiting pages that include the injected code. E-mail field:...
CVE-2011-3771
phpBook 2.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by doc/updatesmilies1.50-1.60.php and certain other files...
CVE-2011-3771
The CVE affects phpBook 2.1.0 and concerns an information-disclosure flaw where a direct request to certain .php files causes an error message that reveals the installation path (e.g., doc/update_smilies_1.50-1.60.php). The root cause is an improper error message disclosure that exposes internal ...
CVE-2011-3771
phpBook 2.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by doc/updatesmilies1.50-1.60.php and certain other files...
CVE-2006-0075
Direct static code injection vulnerability in phpBook 1.3.2 and earlier allows remote attackers to execute arbitrary PHP code via the e-mail field mail variable in a new message, which is written to a PHP file...
CVE-2006-0075
Direct static code injection vulnerability in phpBook 1.3.2 and earlier allows remote attackers to execute arbitrary PHP code via the e-mail field mail variable in a new message, which is written to a PHP file...
CVE-2006-0075
CVE-2006-0075 affects phpBook 1.3.2 and earlier. The flaw is a direct static code injection via the e-mail field (mail variable) in a new message, allowing remote attackers to write to a PHP file and execute arbitrary PHP code on the affected system. The NVD entry confirms a high base score (7.5)...
EV0006.txt
New eVuln Advisory: phpBook PHP Code Execution --------------------Summary---------------- Software: phpBook http://sourceforge.net/projects/phpbook/ Versions: 1.3.2 and earlier Critical Level: Dangerous Type: PHP Code Execution Class: Remote Status: Unpatched Exploit: Available Solution: Not...
[eVuln] phpBook PHP Code Execution
New eVuln Advisory: phpBook PHP Code Execution --------------------Summary---------------- Software: phpBook http://sourceforge.net/projects/phpbook/ Versions: 1.3.2 and earlier Critical Level: Dangerous Type: PHP Code Execution Class: Remote Status: Unpatched Exploit: Available Solution: Not...
[SA18268] phpBook "email" PHP Code Injection Vulnerability
TITLE: phpBook "email" PHP Code Injection Vulnerability SECUNIA ADVISORY ID: SA18268 VERIFY ADVISORY: http://secunia.com/advisories/18268/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: phpBook 1.x http://secunia.com/product/6719/ DESCRIPTION: Aliaksandr Hartsuyeu ha...
PHPBook 1.x - Mail Field PHP Code Injection
PHPBook 1.x - Mail Field PHP Code Injection source: https://www.securityfocus.com/bid/16106/info phpBook is prone to a vulnerability that may let remote attackers inject arbitrary PHP code into the application. This code may then be executed by visiting pages that include the injected code. E-mai...
PHPBook 1.x - Mail Field PHP Code Injection
source: https://www.securityfocus.com/bid/16106/info phpBook is prone to a vulnerability that may let remote attackers inject arbitrary PHP code into the application. This code may then be executed by visiting pages that include the injected code. E-mail field: [email protected]...
CVE-2005-2397
CVE-2005-2397 is an XSS vulnerability in phpBook 1.46 affecting the guestbook.php module, exploitable via the admin parameter to inject arbitrary web script or HTML. The provided documents confirm the affected product/version and the input vector, but do not include exploit specifics, impact metr...
CVE-2005-2397
Cross-site scripting XSS vulnerability in guestbook.php in phpBook 1.46 allows remote attackers to inject arbitrary web script or HTML via the admin parameter...
CVE-2005-2397
Cross-site scripting XSS vulnerability in guestbook.php in phpBook 1.46 allows remote attackers to inject arbitrary web script or HTML via the admin parameter...