CVE Tools

advanced guestbook

Web & CMS Pluginscommercial

10

Cumulative CVEs

7

Monthly snapshots

#30

Peak rank

Top products

advanced guestbook3

Latest CVEs

The 10 most recently published vulnerabilities affecting advanced guestbook.

CVE-2007-0609Directory traversal vulnerability in Advanced Guestbook 2.4.2 allows remote attackers to bypass .htaccess settings, and execute arbitrary PHP local files or read arbitrary local templates, via a .....5.1May 9, 2007
CVE-2007-0608Advanced Guestbook 2.4.2 allows remote attackers to obtain sensitive information via an invalid (1) GB_TBL parameter to (a) lang/codes-english.php or (b) image.php, which reveal the database name; ...7.1May 9, 2007
CVE-2007-0605Cross-site scripting (XSS) vulnerability in picture.php in Advanced Guestbook 2.4.2 allows remote attackers to inject arbitrary web script or HTML via the picture parameter.4.3May 9, 2007
CVE-2007-0530Multiple PHP remote file inclusion vulnerabilities in Advanced Guestbook 2.4.2 allow remote attackers to execute arbitrary PHP code via a URL in the include_path parameter to (1) index.php, (2) add...7.5Jan 26, 2007
CVE-2006-5804PHP remote file inclusion vulnerability in admin.php in Advanced Guestbook 2.3.1 allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter.7.5Nov 8, 2006
CVE-2005-4649Multiple cross-site scripting (XSS) vulnerabilities in Advanced Guestbook 2.2 and 2.3.1 allow remote attackers to inject arbitrary web script or HTML via (1) the entry parameter in index.php and (2...4.3Jan 13, 2006
CVE-2005-3588SQL injection vulnerability in admin.php in Advanced Guestbook 2.2 allows remote attackers to execute arbitrary SQL commands and gain privileges via the username field.7.5Nov 16, 2005
CVE-2005-1548SQL injection vulnerability in index.php in Advanced Guestbook 2.3.1 allows remote attackers to execute arbitrary SQL commands via the entry parameter.7.5May 14, 2005
CVE-2004-1952SQL injection vulnerability in Advanced Guestbook 2.2 allows remote attackers to execute arbitrary SQL commands and gain privileges via the password.7.5May 10, 2005
CVE-2004-1213Cross-site scripting (XSS) vulnerability in index.php in Advanced Guestbook 2.3.1, 2.2, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the entry para...6.8Dec 15, 2004