5 matches found
CVE-2008-6368
CVE-2008-6368 affects Chipmunk Guestbook 1.4m: SQL injection in the index.php script allows an attacker to manipulate the database through the start parameter. Several connected sources (OpenVAS entries and NVD listing) describe the vulnerability as failing to sanitize user input before using it ...
CVE-2005-3517
Chipmunk Scripts Guestbook vulnerability (CVE-2005-3517) allows remote attackers to cause an error message by crafting a URL containing a single quote in the start parameter of index.php, enabling disclosure of the installation path. Affected software: Chipmunk Scripts Guestbook. Root cause: erro...
CVE-2006-1683
The CVE-2006-1683 entry describes a SQL injection vulnerability in Chipmunk Guestbook’s admin/login.php that allows remote attackers to execute arbitrary SQL commands and bypass login authentication via the User name. This vulnerability affects Chipmunk Guestbook’s login handling and is documente...
CVE-2006-2757
CVE-2006-2757 is a Cross-site Scripting (XSS) vulnerability affecting Chipmunk guestbook. The issue allows remote attackers to inject arbitrary web script or HTML via multiple input points: (1) the start parameter in index.php; (2) the forumID parameter in index.php, newtopic.php, and reply.php; ...
CVE-2006-0069
CVE-2006-0069 describes a cross-site scripting (XSS) vulnerability in the addentry.php script of Chipmunk Guestbook 1.4 and earlier. The issue allows remote attackers to inject arbitrary web script or HTML via the homepage parameter. The public metrics indicate a moderate impact (CVSS v2: AV:N/AC...