guestbook software vulnerabilities
vulnerabilities.aspcode.net
Searching guestbook software vulnerabilities
The Webcom CGI Guestbook programs wguest.exe an
"template"
|
wguestexe
|
rguestexe
|
arbitrary
|
parameter
|
Guestbook
|
attacker
|
programs
|
Webcom
|
remote
|
using
|
files
|
allow
|
read
|
CGI
|
The Webcom CGI Guestbook programs wguest.exe and rguest.exe allow a remote attacker to read arbitrary files using the "template" parameter.
dbmlparser.exe CGI guestbook program does not p
dbmlparserexe
|
operation
|
attackers
|
arbitrary
|
guestbook
|
properly
|
program
|
perform
|
allows
|
remote
|
chroot
|
files
|
which
|
does
|
read
|
not
|
CGI
|
dbmlparser.exe CGI guestbook program does not perform a chroot operation properly, which allows remote attackers to read arbitrary files.
simplestguest.cgi CGI program by Leif Wright al
simplestguestcgi
|
metacharacters
|
arbitrary
|
attackers
|
parameter
|
guestbook
|
commands
|
execute
|
program
|
remote
|
allows
|
Wright
|
shell
|
Leif
|
CGI
|
via
|
simplestguest.cgi CGI program by Leif Wright allows remote attackers to execute arbitrary commands via shell metacharacters in the guestbook parameter.
Dynamic Guestbook 3.0 allows remote attackers t
metacharacters
|
attackers
|
arbitrary
|
parameter
|
Guestbook
|
gbdaten
|
Dynamic
|
execute
|
remote
|
allows
|
shell
|
code
|
via
|
Dynamic Guestbook 3.0 allows remote attackers to execute arbitrary code via shell metacharacters in the gbdaten parameter.
Cross-site scripting vulnerability in Dynamic G
vulnerability
|
parameters
|
Cross-site
|
attackers
|
Guestbook
|
scripting
|
execute
|
clients
|
Dynamic
|
access
|
allows
|
remote
|
pages
|
code
|
via
|
Cross-site scripting vulnerability in Dynamic Guestbook 3.0 allows remote attackers to execute code in clients who access guestbook pages via the parameters (1) name, (2) mail, or (3) kommentar.
Easy Guestbook CGI programs do not authenticate
administrator
|
authenticate
|
Guestbook
|
attackers
|
programs
|
allows
|
remote
|
which
|
Easy
|
CGI
|
not
|
Easy Guestbook CGI programs do not authenticate the administrator, which allows remote attackers to (1) delete entries via direct access of admin.cgi, or (2) reconfigure Guestbook via direct access of config.cgi.
Cross-site scripting vulnerability (XSS) in ASP
vulnerability
|
Cross-site
|
scripting
|
Cross-site scripting vulnerability (XSS) in ASPjar Guestbook 1.00 allows remote attackers to execute arbitrary script as other users via the "web site" parameter in a guestbook message.
ASPjar Guestbook 1.00 allows remote attackers t
Guestbook
|
ASPjar
|
ASPjar Guestbook 1.00 allows remote attackers to delete arbitrary messages accessing the delete.asp administrative script with certain cookie values set to "true".
SQL injection vulnerability in login.asp in ASP
vulnerability
|
arbitrary
|
Guestbook
|
injection
|
attackers
|
password
|
loginasp
|
commands
|
execute
|
ASPjar
|
allows
|
remote
|
field
|
SQL
|
via
|
SQL injection vulnerability in login.asp in ASPjar Guestbook allows remote attackers to execute arbitrary SQL commands via the password field.
episodex guestbook allows remote attackers to b
authentication
|
attackers
|
guestbook
|
episodex
|
adminasp
|
scripts
|
request
|
direct
|
bypass
|
allows
|
remote
|
edit
|
via
|
episodex guestbook allows remote attackers to bypass authentication and edit scripts via a direct request to admin.asp.
Cross-site scripting (XSS) vulnerability in ind
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in index.php in iPei Guestbook 1.7 allows remote attackers to inject arbitrary web script or HTML via the email parameter, as used by the email field, when signing a guestbook.
Cross-site scripting (XSS) vulnerability in cgi
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in cgi-bin/guest in Community Architect Guestbook allows remote attackers to inject arbitrary web script or HTML by signing the guestbook, which is displayed by fsguestbook.html. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Cross-site scripting (XSS) vulnerability in Scr
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in Scriptsez Cute Guestbook Saturday, February 11, 2006 allows remote attackers to inject arbitrary web script or HTML via the Comments field when signing the guestbook.
Cross-site scripting (XSS) vulnerability in ind
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in index.php in Hiox Guestbook 3.1 allows remote attackers to inject arbitrary web script or HTML via the input forms for signing the guestbook.
Cross-site scripting (XSS) vulnerability in vie
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in view.php in TuttoPhp (1) Morris Guestbook 1, (2) Pretty Guestbook 1, and (3) Smile Guestbook 1 allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG element in the pagina parameter.
Cross-site scripting (XSS) vulnerability in ind
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in index.php in DT Guestbook (dt_guestbook) 1.0f, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the error[] parameter.
Yana Framework before 2.8.5a allows remote auth
authenticated
|
permissions
|
unspecified
|
Framework
|
guestbook
|
arbitrary
|
profiles
|
profile
|
vectors
|
delete
|
before
|
remote
|
modify
|
allows
|
users
|
Yana
|
285a
|
via
|
Yana Framework before 2.8.5a allows remote authenticated users with permissions to modify a guestbook profile to modify or delete arbitrary guestbook profiles via unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
Direct static code injection vulnerability in i
vulnerability
|
injection
|
Guestbook
|
indexphp
|
Limesoft
|
Direct
|
static
|
code
|
Direct static code injection vulnerability in index.php in Limesoft Guestbook (LS Simple Guestbook) allows remote attackers to inject arbitrary PHP code into posts.txt via the name parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Direct static code injection vulnerability in i
vulnerability
|
injection
|
Guestbook
|
indexphp
|
Limesoft
|
Direct
|
static
|
code
|
Direct static code injection vulnerability in index.php in Limesoft Guestbook (LS Simple Guestbook) 1.0 allows remote attackers to inject arbitrary PHP code into posts.txt via the message parameter.
Cross-site scripting (XSS) vulnerability in Big
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in Big Blue Guestbook allows remote attackers to inject arbitrary web script or HTML via the message field in the guestbook entry submission form.
Software vulnerabilities results 1 to 20 of 136
Page:
1
2
3
4
5
...
7
►