13 matches found
EUVD-2009-3309
Malware in sbrugna...
EUVD-2009-3310
Malware in sbrugna...
CVE-2009-3327
Multiple SQL injection vulnerabilities in WX-Guestbook 1.1.208 allow remote attackers to execute arbitrary SQL commands via the 1 QUERY parameter to search.php and 2 USERNAME parameter to login.php. NOTE: some of these details are obtained from third party information...
Cross site scripting
Cross-site scripting XSS vulnerability in sign.php in WX-Guestbook 1.1.208 allows remote attackers to inject arbitrary web script or HTML via the sName parameter aka the name field. NOTE: some of these details are obtained from third party information...
CVE-2009-3328
WX-Guestbook 1.1.208 contains a cross-site scripting (XSS) flaw in sign.php, exploitable via the sName parameter (the name field). The vulnerability allows remote script or HTML injection. Root cause: insufficient input sanitization on sName leading to script execution in the browser context. Doc...
CVE-2009-3327
Multiple SQL injection vulnerabilities in WX-Guestbook 1.1.208 allow remote attackers to execute arbitrary SQL commands via the 1 QUERY parameter to search.php and 2 USERNAME parameter to login.php. NOTE: some of these details are obtained from third party information...
CVE-2009-3327
CVE-2009-3327 relates to multiple SQL injection flaws in WX-Guestbook 1.1.208. The vulnerabilities allow remote attackers to execute arbitrary SQL commands via (1) the QUERY parameter to search.php and (2) the USERNAME parameter to login.php. The issue is confirmed in multiple documents (NVD, CVE...
CVE-2009-3328
Cross-site scripting XSS vulnerability in sign.php in WX-Guestbook 1.1.208 allows remote attackers to inject arbitrary web script or HTML via the sName parameter aka the name field. NOTE: some of these details are obtained from third party information...
WX-Guestbook 1.1.208 - SQL Injection HTML Injection
WX-Guestbook 1.1.208 - SQL Injection HTML Injection source: https://www.securityfocus.com/bid/41741/info WX-Guestbook is prone to multiple SQL-injection vulnerabilities and an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage thes...
WX Guestbook 1.1.208 - SQL Injection Persistent Cross-Site Scripting
WX Guestbook 1.1.208 - SQL Injection Persistent Cross-Site Scripting WX Guest Book 1.1.208 Vulns By learn3r hacker from nepal [email protected] Product name: WX Guestbook 1.1.208 Product vendor: www.webilix.com This product suffers from multiple SQLi and persistent XSS vuln. SQL Search Vu...
WX Guestbook 1.1.208 SQLi and persistent XSS
No description provided by source. WX Guest Book 1.1.208 Vulns By learn3r hacker from nepal [email protected] Product name: WX Guestbook 1.1.208 Product vendor: www.webilix.com This product suffers from multiple SQLi and persistent XSS vuln. SQL Search Vuln The search parameters/queries w...
WX Guestbook 1.1.208 - SQL Injection / Persistent Cross-Site Scripting
WX Guest Book 1.1.208 Vulns By learn3r hacker from nepal [email protected] Product name: WX Guestbook 1.1.208 Product vendor: www.webilix.com This product suffers from multiple SQLi and persistent XSS vuln. SQL Search Vuln The search parameters/queries we submit to the search.php are...
WX-Guestbook 1.1.208 - SQL Injection / HTML Injection
source: https://www.securityfocus.com/bid/41741/info WX-Guestbook is prone to multiple SQL-injection vulnerabilities and an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to compromise the application, access or...