Description
@lex Guestbook 4.0.1
--------------------
Vendor site: http://www.alexphpteam.com/
Product: @lex Guestbook 4.0.1
Vulnerability: Full Path Disclosure & XSS
Credits: Mr_KaLiMaN
Reported to Vendor: 24.11.06
Public disclosure: 30.11.06
Description:
------------
Full Path Disclosure:
http://[victim]/[guestbook_path]/index.php?skin=[non-existent_skin]
XSS:
http://[victim]/[guestbook_path]/index.php?skin=[XSS]
{"id": "SECURITYVULNS:DOC:15268", "bulletinFamily": "software", "title": "@lex Guestbook 4.0.1 : Full Path Disclosure & XSS", "description": "@lex Guestbook 4.0.1\r\n--------------------\r\nVendor site: http://www.alexphpteam.com/\r\nProduct: @lex Guestbook 4.0.1\r\nVulnerability: Full Path Disclosure & XSS\r\nCredits: Mr_KaLiMaN\r\nReported to Vendor: 24.11.06\r\nPublic disclosure: 30.11.06\r\n \r\nDescription:\r\n------------\r\nFull Path Disclosure:\r\nhttp://[victim]/[guestbook_path]/index.php?skin=[non-existent_skin]\r\n \r\nXSS:\r\nhttp://[victim]/[guestbook_path]/index.php?skin=[XSS]\r\n", "published": "2006-12-01T00:00:00", "modified": "2006-12-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:15268", "reporter": "Securityvulns", "references": [], "cvelist": [], "type": "securityvulns", "lastseen": "2018-08-31T11:10:20", "edition": 1, "viewCount": 174, "enchantments": {"score": {"value": 0.2, "vector": "NONE"}, "dependencies": {"references": []}, "backreferences": {"references": [{"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:6879"]}]}, "exploitation": null, "vulnersScore": 0.2}, "affectedSoftware": [], "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1647589307, "score": 1659730939}}
{}
@lex Guestbook 4.0.1 : Full Path Disclosure & XSS