4 matches found
Sql injection
Multiple SQL injection vulnerabilities in mesadd.php in x-script GuestBook 1.3a, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 name, 2 email, 3 icq, and 4 website parameters...
CVE-2007-5189
Multiple SQL injection vulnerabilities in mesadd.php in x-script GuestBook 1.3a, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 name, 2 email, 3 icq, and 4 website parameters...
CVE-2007-5189
CVE-2007-5189 concerns multiple SQL injection vulnerabilities in the file mes_add.php of the web app x-script GuestBook 1.3a . The issue arises when the PHP setting magic_quotes_gpc is disabled, allowing remote attackers to manipulate the database by injecting SQL through the parameters name, ema...
New Advisory: X-script GuestBook
New Advisory: X-script GuestBook http://www.security-news.ws --------------------Summary---------------- Software: x-script GuestBook Sowtware's Web Site: http://x-script.net.ru Versions: 1.3a Critical Level: Moderate Type: Multiple Vulnerabilities Class: Remote Status: Unpatched PoC/Exploit: Not...