Max's Guestbook Security Vulnerabilities

unodatt.se XSS vulnerability

Open Bug Bounty ID: OBB-611244 Description| Value ---|--- Affected Website:| unodatt.se Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3 Score:| 6.1...

argo.ee XSS vulnerability

Open Bug Bounty ID: OBB-609298 Description| Value ---|--- Affected Website:| argo.ee Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3 Score:| 6.1...

goldenserpent.co.uk XSS vulnerability

Open Bug Bounty ID: OBB-600188 Description| Value ---|--- Affected Website:| goldenserpent.co.uk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3 Score:| 6.1...

karperstruiners.nl IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-594459 Description| Value ---|--- Affected Website:| karperstruiners.nl Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...

lazyriverofjurassicvalley.ch IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-594383 Description| Value ---|--- Affected Website:| lazyriverofjurassicvalley.ch Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...

Design/Logic Flaw

Yxcms building system (compatible cell phone) v1.4.7 has XSS via the content parameter to protected\apps\default\view\default\extend_guestbook.php or protected\apps\default\view\mobile\extend_guestbook.php in an index.php?r=default/column/index&col=guestbook...

CVE-2018-8805

Yxcms building system (compatible cell phone) v1.4.7 has XSS via the content parameter to protected\apps\default\view\default\extend_guestbook.php or protected\apps\default\view\mobile\extend_guestbook.php in an index.php?r=default/column/index&col=guestbook...

CVE-2018-8805

Yxcms building system (compatible cell phone) v1.4.7 has XSS via the content parameter to protected\apps\default\view\default\extend_guestbook.php or protected\apps\default\view\mobile\extend_guestbook.php in an index.php?r=default/column/index&col=guestbook...

CVE-2018-8805

Yxcms building system (compatible cell phone) v1.4.7 has XSS via the content parameter to protected\apps\default\view\default\extend_guestbook.php or protected\apps\default\view\mobile\extend_guestbook.php in an index.php?r=default/column/index&col=guestbook...

azimut270.ch XSS vulnerability

Open Bug Bounty ID: OBB-582395 Description| Value ---|--- Affected Website:| azimut270.ch Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3 Score:| 6.1...

Gaestebuch 1.2 Database Disclosure

...

rambling-wheels-mc.de XSS vulnerability

Open Bug Bounty ID: OBB-440943 Description| Value ---|--- Affected Website:| rambling-wheels-mc.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3 Score:| 6.1...

steverangel.de XSS vulnerability

Open Bug Bounty ID: OBB-440934 Description| Value ---|--- Affected Website:| steverangel.de Vulnerable Application:| Custom Code Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3 Score:| 6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N] Remediation Guide:| OWASP XSS Prevention Cheat....

freiraum-fragmente.de XSS vulnerability

Open Bug Bounty ID: OBB-440933 Description| Value ---|--- Affected Website:| freiraum-fragmente.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3 Score:| 6.1...

rittmann-tv.de XSS vulnerability

Open Bug Bounty ID: OBB-440912 Description| Value ---|--- Affected Website:| rittmann-tv.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3 Score:| 6.1...

enyos.fi Open Redirect vulnerability

Open Bug Bounty ID: OBB-417645 Description| Value ---|--- Affected Website:| enyos.fi Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4 [CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N] Remediation Guide:| OWASP Open Redirect Cheat Sheet Vulnerable...

miniblacks.fi Open Redirect vulnerability

Open Bug Bounty ID: OBB-417643 Description| Value ---|--- Affected Website:| miniblacks.fi Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4...

700-jahre-merkers.de Open Redirect vulnerability

Open Bug Bounty ID: OBB-413751 Description| Value ---|--- Affected Website:| 700-jahre-merkers.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4...

codeforge.com XSS vulnerability

Open Bug Bounty ID: OBB-411468 Description| Value ---|--- Affected Website:| codeforge.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3 Score:| 6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N] Remediation Guide:| OWASP XSS Prevention Cheat.....

broshchapel.com XSS vulnerability

Open Bug Bounty ID: OBB-410637 Description| Value ---|--- Affected Website:| broshchapel.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3 Score:| 6.1...

mci-villingen.de XSS vulnerability

Open Bug Bounty ID: OBB-407707 Description| Value ---|--- Affected Website:| mci-villingen.de Vulnerable Application:| Custom Code Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3 Score:| 6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N] Remediation Guide:| OWASP XSS Prevention...

shipsoffterneuzen.nl Open Redirect vulnerability

Open Bug Bounty ID: OBB-401788 Description| Value ---|--- Affected Website:| shipsoffterneuzen.nl Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4 [CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N] Remediation Guide:| OWASP Open Redirect Cheat...

dickinsonfuneralhome.com XSS vulnerability

Vulnerable URL: http://dickinsonfuneralhome.com/guestbook/index.php?id=13'"> Details: Description| Value ---|--- Patched:| No Latest check for patch:| 14.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 6845613 VIP website status:| No Coordinated...

bernardmaclaverty.com XSS vulnerability

Vulnerable URL: http://www.bernardmaclaverty.com/guestbook/EGuest-PRO_admin.php?action=del&id;=13'">119 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 13906040 VIP website...

tiltononthehill.org.uk XSS vulnerability

Vulnerable URL: http://www.tiltononthehill.org.uk/guestbook/index.asp?mode=2&error;=">Not+all+required+fields+were+filled+out.+Entry+was+not+created. CAPTCHA+Number+Test+Incorrect.++Please+ ##### Details: Description| Value ---|--- Patched:| No Latest check for patch:| 20.12.2017 ...

WordPress Gwolle Guestbook Plugin < 1.5.4 RFI Vulnerability

The WordPress...

Directory traversal

PHP remote file inclusion vulnerability in the Gwolle Guestbook plugin before 1.5.4 for WordPress, when allow_url_include is enabled, allows remote authenticated users to execute arbitrary PHP code via a URL in the abspath parameter to frontend/captcha/ajaxresponse.php. NOTE: this can also be...

CVE-2015-8351

PHP remote file inclusion vulnerability in the Gwolle Guestbook plugin before 1.5.4 for WordPress, when allow_url_include is enabled, allows remote authenticated users to execute arbitrary PHP code via a URL in the abspath parameter to frontend/captcha/ajaxresponse.php. NOTE: this can also be...

CVE-2015-8351

PHP remote file inclusion vulnerability in the Gwolle Guestbook plugin before 1.5.4 for WordPress, when allow_url_include is enabled, allows remote authenticated users to execute arbitrary PHP code via a URL in the abspath parameter to frontend/captcha/ajaxresponse.php. NOTE: this can also be...

CVE-2015-8351

PHP remote file inclusion vulnerability in the Gwolle Guestbook plugin before 1.5.4 for WordPress, when allow_url_include is enabled, allows remote authenticated users to execute arbitrary PHP code via a URL in the abspath parameter to frontend/captcha/ajaxresponse.php. NOTE: this can also be...

Progress Sitefinity 9.1 XSS Vulnerability

Progress Sitefinity version 9.1 suffers from cross site scripting, broken session management, and open redirection...

Progress Sitefinity 9.1 XSS / Session Management / Open Redirect

...

shrinesf.org XSS vulnerability

Vulnerable URL: http://shrinesf.org/GuestBook/?page_id=5 Details: Description| Value ---|--- Patched:| Yes, at 07.12.2017 Latest check for patch:| 07.12.2017 07:54 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 6761653 VIP website status:| No Check shrinesf.org.....

rozenbergps.com Open Redirect vulnerability

Vulnerable URL: http://www.rozenbergps.com/sohier/guestbook/go.php?url=https://www.openbugbounty.org/ Details: Description| Value ---|--- Patched:| No Latest check for patch:| 06.10.2017 Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| 7373550 VIP website...

Country micro CMS government website system guestbook SQL injection

No description provided by...

Alex Guestbook 5.0.4 Cross Site Scripting

...

Simple ASC CMS 1.2 Cross Site Scripting

...

anglicancatholic.org.uk XSS vulnerability

Vulnerable URL: http://www.anglicancatholic.org.uk/guestbook-form.php?this_form=&bad;_template=&error;=The+form+required%22%3Eblub%3CsvG/onload=alert(/OPENBUGBOUNTY/)%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:| XSS Vulnerability...

Simple ASC CMS v1.2 - (Guestbook) Persistent Vulnerability

...

Simple ASC CMS v1.2 - Guestbook Persistent Vulnerability

...

WordPress Gwolle Guestbook 1.7.4 Cross Site Request Forgery Vulnerability

Exploit for php platform in category web...

WordPress Gwolle Guestbook 1.7.4 Cross Site Scripting Vulnerability

Exploit for php platform in category web...

WordPress Gwolle Guestbook 1.7.4 Cross Site Request Forgery

...

WordPress Gwolle Guestbook 1.7.4 Cross Site Scripting

...

Gwolle Guestbook <= 2.1.0 - Unauthenticated Stored Cross-Site Scripting (XSS)

The Gwolle Guestbook WordPress plugin was affected by an Unauthenticated Stored Cross-Site Scripting (XSS) security...

Gwolle Guestbook <= 2.1.0 - Cross-Site Request Forgery (CSRF)

The Gwolle Guestbook WordPress plugin was affected by a Cross-Site Request Forgery (CSRF) security...

Destoon 6.0 guestbook.php generic SQL injection vulnerability

Source: https://www.leavesongs.com/PENETRATION/destoon-v6-0-sql-injection.html Author: phithon Just saw today released Destoon 6.0 2017-01-09 updated, with I in [code auditing】small key ring in the said method, the moment to find the Fix a SQL injection vulnerability. By noon of 20 minutes,...

OpenGB 1.2.3 Cross Site Scripting Vulnerability

Exploit for php platform in category web...

OpenGB 1.2.3 Cross Site Scripting

...

free-decompiler.com XSS vulnerability

Vulnerable URL: https://www.free-decompiler.com/flash/guestbook/?reply_id=%22%3E%3Csvg%20onload=alert(/XSSPOSED/)%3E Details: Description| Value ---|--- Patched:| Yes, at 16.09.2016 Latest check for patch:| 16.09.2016 16:10 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...